Finosec Official Blog

What Auditors and Examiners Expect You to Have Implemented For the Updated FFIEC Authentication Guidance

Zach Duke posted in Cybersecurity, FFIEC, User Access Reporting, preparedness, Risk Assessment, information security, Risk, Risk Review, infosec

0 Comments

The Federal Financial Institutions Examination Council (FFIEC) updated its Authentication Guidance in August 2021, which aims to standardize and enhance security measures for financial institutions. We are seeing a focus on these areas during exams and audits, and understanding these new guidelines is crucial for compliance and risk management.

Read More

Safeguarding Your Assets: Preventing Privilege Creep

Beth Sumner posted in Cybersecurity, system map, self assessment, User Access, User Access Reporting, training, preparedness, Risk Assessment, information security, Risk, Risk Review, infosec

0 Comments

Today, we’re delving into an essential topic that affects both the security and the integrity of your digital assets: privilege creep. In this blog, we’ll explore the potential risks, and provide you with actionable strategies to prevent this sneaky threat from undermining your cybersecurity efforts.

Read More

5 Steps For User Access Review Best Practices

FINOSEC posted in User Access, User Access Reporting, preparedness, Risk Assessment, information security, System Inventory, Risk Review, infosec

0 Comments

User Access Reviews (UAR) are crucial for financial institutions, examiners and auditors are focusing on them, and best practices mandate managing to least privilege.   However, the process can be complicated and time-consuming. This is why it's important to standardize and simplify the process as much as possible. Our User Access Review Best Practices white paper outlines five steps to help you achieve this. 

Read More

What key processes in IT Controls does your institution have in place?

FINOSEC posted in Cybersecurity, Banking, board, board training, Risk Assessment, IT Controls, information security, IT, Processess

0 Comments

Managing Risk

Read More