According to ATM Marketplace, Banks reported that there were more than $1 billion in ransomware payments in 2021, more than double from 2020 and the largest amount ever reported in a year. The Treasury Department collected data that showed the majority of the funds came from attacks connected to Russian hackers. The Treasury said the...Read More

Digital banking is on the rise, just like all other aspects of society. As more customers take their banking online it offers convenience, but also cybersecurity concerns.  Cyber criminals are increasingly targeting small banks and credit unions. Customers are far less likely to trust institutions whose services and products are frequent targets for attacks. Luckily...Read More

  Secure is relative. Different businesses have different obligations and levels of sophistication in their security programs based on several factors. Industry, size, the type of data housed, and more all determine how a business treats its information security program. But the goal is often the same: avoid as many security incidents as possible, protecting...Read More

Spreadsheets are dumb. Okay, it’s not that spreadsheets are dumb, or that the people who use them are dumb. That’s not at all what we’re saying. What’s dumb is using spreadsheets to manage third-party information security risk. If were going to call something dumb, We’d better have some logic to back it up. Good thing....Read More

Vendor security risk management is not easy. It’s often a monotonous combination of spreadsheets, questionnaires, following up with people, and uncertainty. It’s often frustratingly tedious, and it can actually cause otherwise strong information security programs to falter. The best relief is to take a three-step approach to vendor risk management. Simplify. Standardize. Defend. Simplify Managing...Read More

The memory of the largest data breach in the banking sector, in 2016 due to a malware injection is still afresh in our minds. In fact, a recent study revealed that credit and debit card frauds have witnessed a six-fold increase in the past three years. Fraudsters are becoming increasingly sophisticated and more efficient in...Read More

1.  FISASCORE is easy to understand. Information security is a complex discipline with many moving parts, but FISASCORE simplifies the communication about how your information security program is performing. You don’t need to be an information security expert with years of experience to understand what FISASCORE is telling you. One simple number represents your overall...Read More

  WHAT IS A FISASCORE? FISASCORE is a comprehensive, risk-based measurement of information security assigned to your company based on a proven and thorough assessment process. Once completed, FISASCORE will identify critical vulnerabilities, control gaps/deficiencies, and applicable threats to the security of your organization.  FISA is a proprietary assessment tool that encompasses the ISO. IEC....Read More

There are several different versions of ransomware, but all of them have one thing in common. They all deny a company access to their files by encrypting them until a ransom has been paid. Not only can ransomware encrypt the files on a local PC, it can travel across your network and encrypt any files...Read More