Finosec Official Blog

Does your institution still have outdated processes in place?

Jun 29, 2022 12:30:00 PM / by Finosec posted in Cybersecurity, Innovation, board training, Exam Readiness, preparedness, Security, information security, Information Security Officer

0 Comments

In a video released to FINOSEC Academy, Co-Founder and CEO, Zach Duke, poses some questions around the processes you currently have in place at your institution. Regardless of which department you think of first, it is likely that some outdated processes are still in place, and your information security and cyber security teams are no exception.

Read More

FDIC 2022 Risk Review

Jun 28, 2022 1:15:00 PM / by Finosec posted in FDIC, 2022, Risk, Risk Review

0 Comments

Understanding examiner expectations and knowing how to train your team and board on information security is important. You and your team need to know where the risks are and where regulators are focused based on those risks. 

Read More

How to better manage your financial institution’s information security systems

Jun 16, 2022 2:15:00 PM / by Finosec posted in Cybersecurity, Innovation, Banking, system map, board, board training, information security, System Inventory

0 Comments

System Inventory Video

It’s vital for you to fully understand the information security management systems you have in place

But it’s a nuisance to keep track of them all. First, you need to know the status of every component, especially for the systems you outsourced. Then, you must also understand the different kinds of information the systems store, how it’s stored, how data is transmitted, and what kinds of information is transmitted.

Read More

What key processes in IT Controls does your institution have in place?

Jun 2, 2022 2:00:00 PM / by Finosec posted in Cybersecurity, Banking, board, board training, Risk Assessment, IT Controls, information security, IT, Processess

0 Comments

Managing Risk

Read More

Why Does Independence In Your Information Security Officer Matter?

May 19, 2022 10:45:00 AM / by Finosec posted in Cybersecurity, Innovation, Banking, board training, information security, independence, Information Security Officer

0 Comments

ISO Independence

A vital component of your information security program is an information security officer that is independent and adhering to appropriate segregation of duties as outlined by regulatory expectations. 

Read More

Exams are never fun. But we know how to make bank regulator exams easier!

May 5, 2022 10:45:00 AM / by Finosec posted in Cybersecurity, Innovation, Banking, Exam, Exam Readiness, preparedness

0 Comments

And let’s acknowledge the tests associated with bank examiners definitely fall into the “not fun” category.

Read More

Computer-Security Incident Notification Requirements for Banking Organizations

Apr 27, 2022 12:00:00 PM / by Finosec posted in Cybersecurity, Innovation, Banking, Notification, Computer, Security

0 Comments

Have you addressed the Computer-Security Incident Notification Requirements for Banking Organizations?   Full compliance has been extended to May 1, 2022.   Five questions to ask:

Read More

Staffing Questions

Apr 21, 2022 10:15:00 AM / by Finosec posted in Cybersecurity, Banking, board, board training, training

0 Comments

In a technology driven industry, it is easy to assume that most of the decisions made around your cybersecurity posture are related to tools and software. While that may be the case a majority of the time, FINOSEC President and CEO Zach Duke also raises some questions and awareness around the impact of staffing on your cybersecurity and information security environment. In the video below, Zach poses questions around ISO independence, support infrastructure, and how to navigate staffing limitations. Watch the video and come back after the break for further discussion.

Read More

Credible Challenge

Apr 7, 2022 10:00:00 AM / by Finosec posted in Cybersecurity, Innovation, Banking, credible, board, board training, training

0 Comments

It is understood and expected that auditors and examiners will ask financial institutions about the safeguards, controls, and tools in place that drive and strengthen their cybersecurity governance. But as FINOSEC President and CEO Zach Duke describes in today’s video, they will also be looking for additional components. The industry is seeing expectations to describe the nuances of what questions and processes were present in cyber related strategic decisions, a concept called “credible challenge.” Auditors and examiners are looking for validation that the Board and other executive leadership members are asking solid questions and demonstrate compelling processes in making decisions around cybersecurity. Watch the video from Zach below and come back after the break for further discussion.

Read More

Finosec releases enhanced User Access Reporting Application

Mar 11, 2022 11:15:00 AM / by Finosec posted in Cybersecurity, Innovation, What's New, Fintech, Press Release, Banking, community banking, User Access, User Access Reporting

0 Comments

The practice of user access reporting within financial institutions has historically been an arduous process that relies on archaic technology and is both time and labor intensive. While generating multiple user access reports per year would be ideal, many financial institutions, through no fault of their own, often find they can only produce the bare minimum amount of reporting required annually. But as cyber risks continue to grow and the regulatory requirements continue to increase, it is vital that financial institutions can quickly and easily produce these reports, and with increased frequency. 

Read More