Resources

{Threat Advisory} Consumer Account Takeover: Credential Stuffing

Thursday, April 25, 2019

SBS CyberSecurity has been made aware of a credential stuffing attack affecting financial institutions. This attack targets consumer bank accounts and has resulted in financial losses. How does this attack work and what can you do to prevent it?

Categories: Blog

{Webinar} Spring Happenings at the SBS Institute

Wednesday, April 24, 2019

Spring cleaning is on everyone’s “To Do” list right now. Remember, it’s also a great time to dust off your cybersecurity knowledge and learn the latest. Join us for a free educational webinar that will feature our online cybersecurity certification courses.

Categories: Blog, Webinar

Technology Service Provider Contracts (FIL-19-2019)

Friday, April 5, 2019

You might think you have vendor management and business continuity figured out, but don’t be so sure. The FDIC’s FIL-19-2019 highlights observations from recent examinations revealing that financial institutions may be unaware of the gaps that often exist between a technology service provider's cont...

Categories: Blog

{Hacker Hour} Answering Common Questions About Vulnerability Assessments

Thursday, April 4, 2019

Join SBS as we discuss the answers to your common vulnerability assessment questions and offer guidance on what you can do with your program.

Categories: Blog, Hacker Hour, Webinar

{Special Request Hacker Hour} Understanding SOC2 Reviews Part 2

Thursday, April 4, 2019

You asked for it. You got it! Join us as we host a second session on SOC 2 reporting. We will take a deeper dive into the challenges of completing a SOC 2 review.

Categories: Blog, Hacker Hour, Webinar

SOC 2 vs. SOC for Cybersecurity Reports

Wednesday, March 27, 2019

There are a variety of different types of SOC reports, including SOC 1, SOC 2, and SOC 3, as well as the newest member of the team – the SOC for Cybersecurity. While each report has its own purpose, we’re going to dive into the difference between the SOC 2 and SOC for Cybersecurity reports.

Categories: Blog

FTC Proposes Changes to GLBA Safeguards Rule

Friday, March 22, 2019

The first major changes to the GLBA and the Safeguards Rule have been proposed. On March 5th, 2019, the FTC announced proposed revisions to the Safeguards Rule, including an expansion of the companies covered by the Rule and requiring specific controls to secure customers’ information.

Categories: Blog, In the News

Scoping Your IT Audit Based on Risk

Wednesday, March 20, 2019

"Scoping your IT Audit based on risk" is a phrase that’s thrown around a lot by IT Audit companies and examiners, but what does it really mean? How do you know if your IT Audit is truly risk-based, or if it’s based on an auditor’s idea of what security ought to be?

Categories: Blog

A Guide to Performing Internal Social Engineering Testing

Wednesday, March 13, 2019

Social engineering testing more than once a year is proven to be a beneficial way to keep employees alert and hold them responsible for their actions. Since hiring regular testing throughout the year is not an option for everyone, let’s go through some options for performing your own internal social...

Categories: Blog