On May 3, 2024, three of the federal banking agencies published a new Third-Party Risk Management Guide for Community Banks. Learn more about the guidance and how it applies to your organization.
In this article, we’re going to clarify what GLBA is, and what people mean when they say GLBA as it relates to regulatory compliance.
A look at the CISA's proposed rule in the Federal Register titled Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) Reporting Requirements.
On February 26, 2024, the NIST published an update to their Cybersecurity Framework (CSF). In this article, we’ll discuss six key updates and talk about what it means for you.
On September 29, 2023, the Federal Deposit Insurance Corporation (FDIC) announced the updated Information Technology Risk Examination (InTREx) procedures. If you’re curious about what changed, you’ve come to the right place.
On November 13, 2023, the Federal Trade Commission published a Final Rule in the Federal Register updating the Safeguards Rule. The rule includes changes to the incident notification requirements for financial institutions.
On Tuesday, October 24, 2023, regulators published an updated version of the Ransomware Self-Assessment Tool (R-SAT). In this blog, we’ll discuss what the R-SAT is, what got updated, and what you need to do about it.
When you get a finding, how can you respond most effectively? Here are six tips.
The purpose of this article is to put policies into a 360-degree mirror and shed some light on a few areas which may need a little care.
Through the vendor management process, you take steps to make sure your vendors are secure and resilient, but what about their third parties? Do your vendors hold their subcontractors to the same standard of excellence? How can you know?
It can be difficult to muster up the creativity for something relevant month after month. In this article, we offer a phishing template and theme for each month of the year to help inspire you for your next phishing test campaign.
