Finosec Official Blog

Understanding R-SAT v2.0 - A Practical Guide for Information Security Officers: Part 2 of a 3 Part Series

Beth Sumner posted in Cybersecurity, Cyber Attack, Ransomware, Banks, Governance, CSBS, Multi-Factor Authentication, MFA, Financial Institutions, Digital Banking, Data Management

0 Comments

Introduction: Streamlining Data Management in Cybersecurity

Continuing our initial discussion in the 3-part series from the R-SAT v2.0, we turn to the core of data protection: data management. As an Information Security Officer, your role is pivotal in safeguarding your bank’s assets. Comprehensive protection begins with the knowledge that every system – and each piece of data within those systems - is known and accounted for and is managed with the utmost care.

Read More

Understanding R-SAT v2.0 – A Practical Guide for Information Security Officers: Part 1 of a 3 Part Series

Beth Sumner posted in Cybersecurity, Cyber Attack, Ransomware, Banks, Governance, CSBS, Multi-Factor Authentication, MFA, Financial Institutions, Digital Banking

0 Comments

Introduction: Navigating the New Cybersecurity Landscape

Welcome to the first installment of our in-depth three-part series, building upon our November 14th  webinar on the new Ransomware Self-Assessment tool (R-SAT v2.0). The new R-SAT was released by the Conference of State Bank Supervisors in mid/late October. 

Read More

Discovering Possibilities and Building Connections: A Recap of Jack Henry Connect 2023

Zach Duke posted in Innovation, Finosec Forward, Charity, Banks, Financial Institutions, Digital Banking, Jack Henry

0 Comments

Earlier this month, the vibrant city of Indianapolis played host to one of the most anticipated events in the financial technology sector – Jack Henry Connect 2023. This event is not just a conference; it’s a convergence of ideas, innovation, and inspiration, set against the backdrop of one of the U.S.’s “hottest tech cities.”

Read More

Navigating the Ransomware Minefield: Key Takeaways from the CSBS Report on Financial Institutions & R-SAT 2.0

Scott McIlrath posted in Cybersecurity, Cyber Attack, Ransomware, Banks, Governance, CSBS, Multi-Factor Authentication, MFA, Financial Institutions, Digital Banking

0 Comments

As of October 24th, 2023, a new version of the Ransomware Self-Assessment Tool (R-SAT v2.0) has been published for banks to help mitigate new risks associated with ransomware attacks and identify security gaps.  

Read More

The Human Firewall: The First and Final Defense for Financial Institutions

Beth Sumner posted in Cybersecurity, Cyber Attack, cybersecurity awareness month, training, Security, Risk Review, Human Firewall

0 Comments

In today's rapidly evolving digital landscape, financial institutions are under constant threat from cyber adversaries. While policies, security information and event management (SIEM) systems, firewalls, and encryption are indispensable, there's an often-underestimated element: effective cybersecurity training for employees.

Read More

The Genesis of Finosec Forward: A Journey from Vision to Impact

Zach Duke posted in Fintech, Finosec Forward, Charity

0 Comments

When Finosec was just an idea scribbled on a whiteboard, there was already an innate understanding that we wanted to be more than just another company in the tech industry. We yearned to contribute something substantive, both to our field and to the broader community. Out of this desire for meaningful impact was born our most significant initiative, Finosec Forward.

Read More

What Auditors and Examiners Expect You to Have Implemented For the Updated FFIEC Authentication Guidance

Zach Duke posted in Cybersecurity, FFIEC, User Access Reporting, preparedness, Risk Assessment, information security, Risk, Risk Review, infosec

0 Comments

The Federal Financial Institutions Examination Council (FFIEC) updated its Authentication Guidance in August 2021, which aims to standardize and enhance security measures for financial institutions. We are seeing a focus on these areas during exams and audits, and understanding these new guidelines is crucial for compliance and risk management.

Read More

Safeguarding Your Assets: Preventing Privilege Creep

Beth Sumner posted in Cybersecurity, system map, self assessment, User Access, User Access Reporting, training, preparedness, Risk Assessment, information security, Risk, Risk Review, infosec

0 Comments

Today, we’re delving into an essential topic that affects both the security and the integrity of your digital assets: privilege creep. In this blog, we’ll explore the potential risks, and provide you with actionable strategies to prevent this sneaky threat from undermining your cybersecurity efforts.

Read More

ChatGPT and AI in Banking

Beth Sumner posted in ChatGPT, AI

0 Comments

Recently, I’ve been getting many questions on ChatGPT and Artificial Intelligence in Community Banking. Should you implement it? Shouldn’t you? What are the risks? What’s my opinion on this hot topic??

Read More

5 Steps For User Access Review Best Practices

FINOSEC posted in User Access, User Access Reporting, preparedness, Risk Assessment, information security, System Inventory, Risk Review, infosec

0 Comments

User Access Reviews (UAR) are crucial for financial institutions, examiners and auditors are focusing on them, and best practices mandate managing to least privilege.   However, the process can be complicated and time-consuming. This is why it's important to standardize and simplify the process as much as possible. Our User Access Review Best Practices white paper outlines five steps to help you achieve this. 

Read More