Finosec Official Blog

Finosec


Recent Posts

Why Does Independence In Your Information Security Officer Matter?

May 19, 2022 10:45:00 AM / by Finosec posted in Cybersecurity, Innovation, Banking, board training, information security, independence, Information Security Officer

0 Comments

ISO Independence

A vital component of your information security program is an information security officer that is independent and adhering to appropriate segregation of duties as outlined by regulatory expectations. 

Read More

Exams are never fun. But we know how to make bank regulator exams easier!

May 5, 2022 10:45:00 AM / by Finosec posted in Cybersecurity, Innovation, Banking, Exam, Exam Readiness, preparedness

0 Comments

And let’s acknowledge the tests associated with bank examiners definitely fall into the “not fun” category.

Read More

Computer-Security Incident Notification Requirements for Banking Organizations

Apr 27, 2022 12:00:00 PM / by Finosec posted in Cybersecurity, Innovation, Banking, Notification, Computer, Security

0 Comments

Have you addressed the Computer-Security Incident Notification Requirements for Banking Organizations?   Full compliance has been extended to May 1, 2022.   Five questions to ask:

Read More

Staffing Questions

Apr 21, 2022 10:15:00 AM / by Finosec posted in Cybersecurity, Banking, board, board training, training

0 Comments

In a technology driven industry, it is easy to assume that most of the decisions made around your cybersecurity posture are related to tools and software. While that may be the case a majority of the time, FINOSEC President and CEO Zach Duke also raises some questions and awareness around the impact of staffing on your cybersecurity and information security environment. In the video below, Zach poses questions around ISO independence, support infrastructure, and how to navigate staffing limitations. Watch the video and come back after the break for further discussion.

Read More

Credible Challenge

Apr 7, 2022 10:00:00 AM / by Finosec posted in Cybersecurity, Innovation, Banking, credible, board, board training, training

0 Comments

It is understood and expected that auditors and examiners will ask financial institutions about the safeguards, controls, and tools in place that drive and strengthen their cybersecurity governance. But as FINOSEC President and CEO Zach Duke describes in today’s video, they will also be looking for additional components. The industry is seeing expectations to describe the nuances of what questions and processes were present in cyber related strategic decisions, a concept called “credible challenge.” Auditors and examiners are looking for validation that the Board and other executive leadership members are asking solid questions and demonstrate compelling processes in making decisions around cybersecurity. Watch the video from Zach below and come back after the break for further discussion.

Read More

Finosec releases enhanced User Access Reporting Application

Mar 11, 2022 11:15:00 AM / by Finosec posted in Cybersecurity, Innovation, What's New, Fintech, Press Release, Banking, community banking, User Access, User Access Reporting

0 Comments

The practice of user access reporting within financial institutions has historically been an arduous process that relies on archaic technology and is both time and labor intensive. While generating multiple user access reports per year would be ideal, many financial institutions, through no fault of their own, often find they can only produce the bare minimum amount of reporting required annually. But as cyber risks continue to grow and the regulatory requirements continue to increase, it is vital that financial institutions can quickly and easily produce these reports, and with increased frequency. 

Read More

FINOSEC and FinTech Cowboys

Mar 10, 2022 10:00:00 AM / by Finosec posted in Cybersecurity, Innovation, Fintech, Banking, fintech cowboys

0 Comments

The landscape of cyber risk, and the equal and opposite best practices, is an ever evolving, ever growing, moving target. Staying abreast of the latest recommendations and regulatory expectations can be a daunting task, but it isn’t one that has to be faced alone. Partnerships between community banks and the right FinTech can make all the difference. Zach Duke, CEO and Founder of FINOSEC, sits down with the FinTech Cowboys at FedFis to discuss the nuances of the industry and share their mutual belief that these partnerships help ensure everyone can win. Built on the idea that everyone deserves simple cybersecurity governance, Zach shares how FINOSEC comes alongside community bankers to meet those challenges head on. Furthermore, they discuss how, in a technology saturated environment, trust and integrity are still the heart of these successes. Watch the video below and check out the notes after the break.

Read More

Contract Checklist

Feb 10, 2022 10:15:00 AM / by Finosec posted in Cybersecurity, Innovation, Fintech, Banking, community banking, checklist, contract

0 Comments

Contracts are typically dense, highly detailed documents that can be hard to navigate. After wading through strikingly specific legal verbiage, it can be difficult to ascertain whether or not the contracts are accomplishing everything they claim to be. As a result, financial institutions may wonder how they can feel confident in signing such a document. Systematically and thoroughly reading and reviewing the contract before agreeing to its terms are vital, but knowing how to do that well can be tough. Prior to conducting a review, you’ll need to understand the expectations of the relationship: which products/services were selected, any prerequisites or additional costs to implement, term(s) of the agreement, and the stakeholders. Conducting a contract review is vital to reduce overall risk, ensure that the provisions are correct, and provide both sides with the opportunity to fully understand what they are agreeing to before the final signing decision is made. Regulatory requirements mandate that each institution is responsible for reviewing and understanding vendor contracts and/or agreements - but that is easier said than done.

Read More

Why User Access

Jan 20, 2022 10:15:00 AM / by Finosec posted in Cybersecurity, Innovation, Banking, User Access

0 Comments

Threats to your cybersecurity and information security programs are not just external. In fact, 60% of security breaches are internal threats. The weakest component in your cybersecurity posture will always inherently be the human link.

Read More

Cyber Insurance

Jan 13, 2022 10:00:00 AM / by Finosec posted in Cybersecurity, Innovation, Cyber Attack, Banking, User Access, insurance

0 Comments

In the ever evolving landscape of cyber risk, cyber insurance is more important than ever. This is a policy that is specifically tailored to the cybersecurity and information security needs of your institution, potentially covering incidents such as ransomware, cyber extortion, data destruction, and more. To engage with insurers and take out such a policy, the broker will be asking for information around how you secure your institution, including your user access practices and how you are managing to least privilege. CEO and Founder Zach Duke spends a few minutes sharing the cautionary tale of the National Bank of Blacksburg as well as some things to consider when working to secure this type of insurance. Watch the video then read on for further discussion.

Read More