Hey Guru
I saw multiple references to the term “risk appetite” in the FFIEC Cybersecurity
Read the rest of the article
Ask the Guru: Cybersecurity “Risk Appetite”
Read the rest of the article
Read the rest of the article
FFIEC Releases Cybersecurity Assessment Tool
UPDATE: Safe Systems just released their Enhanced CyberSecurity Assessment Toolkit (ECAT) – This enhanced version
…Read the rest of the article
FFIEC Issues 2 Statements on Cybersecurity
Both statements address recent cybersecurity threats; one targeting online credentials (passwords, usernames, e-mail addresses that
…Read the rest of the article
Vendor Management in 3 Parts. Part 2 – Risk Assessment (or, “will they or won’t they?”)
In Part 1 I said that vendor management, just as any other risk management endeavor,
…Read the rest of the article
Vendor Management in 3 Parts. Part 1 – Risk Identification (or, “do they or don’t they?”)
Service provider oversight (aka vendor management) is undoubtedly the hottest hot-button item on the regulator’s
…Read the rest of the article
Windows XP and Vendor Management
The FFIEC issued a joint statement recently regarding Microsoft’s discontinuation of support for Windows XP.
…Read the rest of the article
FDIC Institutions still getting UIGEA (Reg GG) findings – UPDATE
Update 1 - 12/5/2011 to add examination procedures*.
Update 2 - 2/13/2012 to emphasize policy requirements.
Update 3 - 10/8/2012 to add specific courses of action
Read the rest of the article
BYOD Redux – The Policy Dilemma (Part 1)
Employee-owned mobile devices are everywhere, and they’re being used for everything from email to document
…Read the rest of the article
“Operational Risk Increasing”
In a recent speech to the Exchequer Club1, Thomas J. Curry, the new
…Read the rest of the article
CFPB Examinations Are Coming – UPDATE 2
Coming soon to your financial institution:
Dear Board of Directors:
Pursuant to the authority of the Dodd-Frank Wall Street Reform...
Read the rest of the article
Read the rest of the article