Blog

In February of 2018, the Governor of Nebraska approved a Legislative Bill stating that if your business collects personal information about a Nebraska resident, or if you sell a Nebraska resident’s data to a third-party, YOU are responsible for making sure that “reasonable security” controls are imp...

Read More...

The FFIEC Cybersecurity Assessment guidance has introduced a new term for our risk management practice: External Dependency Management. We will explore this new term in our guidance and better understand the requirements provided.

Read More...

Any company that stores, transmits, or processes personal data of EU citizens must comply with the GDPR, even if they do not have a business presence within the EU, or face steep penalties for non-compliance. Due to this requirement, managing the security of information with regards to the GDPR is m...

Read More...

SBS has analyzed and identified the top 25 most common baseline controls not implemented by financial institutions. These are controls that financial institutions MUST complete regardless of their inherent risk score. This session reviews these 25 controls, as well as practical solutions your instit...

Read More...

Knowing your role and responding appropriately can help save your organization in the event of a cyber incident. This video will cover types of attacks, warning signs of a malware attack, and quick response activity that every end users should know.

Read More...

Investing in threat intelligence helps you stay aware of any new and emerging threats making their way across the internet and monitors potential threats targeting your business network. Developing a Threat Intelligence Plan that outlines how you plan doesn’t have to be a huge undertaking.

Read More...

This discussion demonstrates a practical approach to business continuity and disaster recovery that builds upon your IT risk assessment.

Read More...

The #1 question organizations need to ask themselves is “if someone was in our network, would we be able to tell?” If you are uncertain how to go about detecting an incident on your network, you are certainly not alone. Here’s a primer to get you started.

Read More...

Your information security program can be more than a document created for compliance. We will help develop a program that provides your institution with clear direction and guidance that meets and exceeds regulatory expectations while addressing real-world risks.

Read More...

On April 10th, 2018 the FFIEC published a Joint Statement titled “Cyber Insurance and Its Potential Role in Risk Management Programs.” While this statement does not contain any new regulatory expectations, it does contain some items financial institutions should consider.

Read More...