Cybersecurity and Technology Blog

{Cyber Byte Video} Web Application Security

Thursday, May 16, 2019

Vulnerabilities lurking in a web application is one of the leading causes of a data breach. Learn how to conduct a self-assessment to identify any vulnerabilities within your web apps.

Categories: Blog, Videos

Vendor Management: How Should I Categorize My Vendors?

Friday, May 3, 2019

Maintaining an efficient vendor management program is a necessity for a responsible organization’s understanding of outsourcing risk. Your vendor management program can be a headache or an asset, depending on how effectively you manage it.

Categories: Blog

{Hacker Hour} Open the Tackle Box and Go Phishing

Friday, May 3, 2019

Join SBS as we discuss tips and tricks to keep your internal phishing program fresh and continually push the maturity level of your security awareness program.

Categories: Blog, Hacker Hour, Calendar, Webinar

{Threat Advisory} Consumer Account Takeover: Credential Stuffing

Thursday, April 25, 2019

SBS CyberSecurity has been made aware of a credential stuffing attack affecting financial institutions. This attack targets consumer bank accounts and has resulted in financial losses. How does this attack work and what can you do to prevent it?

Categories: Blog

{Webinar} Spring Happenings at the SBS Institute

Wednesday, April 24, 2019

Spring cleaning is on everyone’s “To Do” list right now. Remember, it’s also a great time to dust off your cybersecurity knowledge and learn the latest. Join us for a free educational webinar that will feature our online cybersecurity certification courses.

Categories: Blog, Webinar

Technology Service Provider Contracts (FIL-19-2019)

Friday, April 5, 2019

You might think you have vendor management and business continuity figured out, but don’t be so sure. The FDIC’s FIL-19-2019 highlights observations from recent examinations revealing that financial institutions may be unaware of the gaps that often exist between a technology service provider's cont...

Categories: Blog

SOC 2 vs. SOC for Cybersecurity Reports

Wednesday, March 27, 2019

There are a variety of different types of SOC reports, including SOC 1, SOC 2, and SOC 3, as well as the newest member of the team – the SOC for Cybersecurity. While each report has its own purpose, we’re going to dive into the difference between the SOC 2 and SOC for Cybersecurity reports.

Categories: Blog

FTC Proposes Changes to GLBA Safeguards Rule

Friday, March 22, 2019

The first major changes to the GLBA and the Safeguards Rule have been proposed. On March 5th, 2019, the FTC announced proposed revisions to the Safeguards Rule, including an expansion of the companies covered by the Rule and requiring specific controls to secure customers’ information.

Categories: Blog, In the News

Scoping Your IT Audit Based on Risk

Wednesday, March 20, 2019

"Scoping your IT Audit based on risk" is a phrase that’s thrown around a lot by IT Audit companies and examiners, but what does it really mean? How do you know if your IT Audit is truly risk-based, or if it’s based on an auditor’s idea of what security ought to be?

Categories: Blog

A Guide to Performing Internal Social Engineering Testing

Wednesday, March 13, 2019

Social engineering testing more than once a year is proven to be a beneficial way to keep employees alert and hold them responsible for their actions. Since hiring regular testing throughout the year is not an option for everyone, let’s go through some options for performing your own internal social...

Categories: Blog