NCUA Releases Updated ACET Application
On September 16, 2025, the National Credit Union Administration (NCUA) announced an update to their Automated Cybersecurity Examination Toolbox (ACET). Here’s an overview of what’s new.
Thanks for visiting our
Tandem Blog
Get our blog posts straight to your inbox.
You have been successfully subscribed to our newsletter.
Texas SB 2610: What the New Law Means for Small Businesses
On September 1, 2025, Texas Senate Bill 2610 (SB 2610) went into effect. This new law was designed to support small businesses by creating a legal “safe harbor” for those that proactively adopt strong cybersecurity practices. Here’s what you need to know.
What is a Cybersecurity Control Self-Assessment?
A cybersecurity control self-assessment is a process in which an organization benchmarks its own security practices against established standards. But what does that mean exactly?
Difference Between Risk Assessments and Cybersecurity Control Self-Assessments
Published Date:
Learn the complementary, but distinct differences between a risk assessment and a cybersecurity assessment, and how they both contribute to understanding an organization’s security posture.
Frequently Asked Questions about the NIST Cybersecurity Framework (CSF)
The NIST Cybersecurity Framework (CSF) is a widely adopted, flexible framework that can help organizations assess their cyber readiness. You might find yourself asking questions like "Where do I start?" This blog is here to walk you through those common questions.
What Financial Institutions Say They Are Using to Replace the FFIEC CAT
With the FFIEC retiring the CAT, we surveyed 400+ financial institutions to reveal how they plan to transition and which cybersecurity frameworks they prefer next.
What the DOJ’s New Security Rule Means for Financial Institutions
On April 8, 2025, a final rule from the DOJ went into effect on the security of personal and government related data. While this rule applies broadly, let's take a look at the terms and requirements as they relate to financial institutions.
Building a Data Compliance Program for the DOJ’s New Security Rule with Tandem
The Department of Justice recently finalized a new rule requiring anyone who is performing "restricted transactions" to implement a Data Compliance Program by October 6, 2025. Let's take a look at how you can build this Data Compliance Program with Tandem.
The Implications of Artificial Intelligence on Cybersecurity
Learn the capabilities and limitations of AI, as well as the current cybersecurity threats and applicable controls.
GLBA Compliance: The Legislation, the Standards, and the Guidance
In this article, we’re going to clarify what GLBA is, and what people mean when they say GLBA as it relates to regulatory compliance.
A Financial Institution’s Guide to CISA’s Proposed CIRCIA Reporting Requirements
Published Date:
Modified Date:
A look at the CISA's proposed rule in the Federal Register titled Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) Reporting Requirements.