Back to Basics: Password Security

This week I want to take a few minutes to discuss something that generates more groans and eye-rolls than a bad pun. But first I mustache you a question. (See?) What is the primary line of defense against data leaks? The answer: Passwords. Think about passwords like the keys on your key ring. Would you… Read more »

Banking Regulatory Update 2017 | Part Deux

Last month, the Risk Advisory Services Team attended the Community Banking Technology Forum hosted by the Federal Reserve in Richmond. Bryan and I divided up the conference, so he attended Day 1, and I attended Day 2. He previously talked about the ideas that stuck with him from that forum, and this is my take… Read more »

Equifax | When the bad guys have everything, what do we do next?

We have all become accustomed to hearing about cybersecurity breaches, but this one may be the Mother of all Breaches. The latest estimate, released October 2, is that 145.5 million people were impacted by the breach. So almost half of America has had their Social Security Number compromised. When a credit bureau is breached to this… Read more »

Banking Regulatory Update 2017

Last week the Risk Advisory Services Team attended the Community Banking Technology Forum hosted by the Federal Reserve in Richmond. Nearly all the regulatory agencies in the Fed’s 5th District were represented including the Federal Reserve, FDIC, Office of the Comptroller of the Currency, Virginia Bureau of Financial Institutions, West Virginia Division of Financial Institutions,… Read more »

Knock! Knock! Who’s there…

When I was a kid, one of my favorite books was Bram Stoker’s Dracula; I loved reading about the ways the small band of vampire hunters went about systematically hunting down Dracula’s lairs in London while he was doing his best to find ways to avoid detection while creating new victims. Something that always stuck… Read more »

Fall is Upon Us

2017 has been moving by pretty quickly. It is now September and the kids are back in school, football season is starting, and before we know it, the Holidays will be here! Fall is a great time of year for catching up and getting ready for next year. Top 10 list of things to do… Read more »

Historical Network Resiliency Planning

The Winchester Star, the local newspaper here in YHB’s hometown, publishes a weekly column of stories from their archives called ‘Out of the Past’. It covers 25, 50, 75, and 100 years of newspaper reporting and gives historical context to what was important in those times. It also makes it easy to pine for headlines… Read more »

De-Mystifying NIST SP 800-171

Traditionally, when people think of National Institute of Standards and Technology (NIST) publications, they think of documents that apply strictly to federal government entities or contractors supporting the federal government. However, NIST also releases publications designed for organizations in the private sector. IT-Related NIST Publications Under the NIST umbrella is the Information Technology… Read more »

Project Management for the Rest of Us

I’m not sure if it is because I am getting older or if it is because life continues to get more chaotic, but I find myself constantly looking for better ways to get things done. I am not a Project Management Professional, but I have found some very important and simple elements from the basic… Read more »

SOC for Cybersecurity

If you will recall, the April 25, 2017 edition of deTECH discussed changes in SOC reporting in 2017. Many changes are cosmetic or address changes in accounting standards. For example, SOC no longer means Service Organization Control. Instead, the AICPA has introduced the term system and organization controls to refer to SOC engagements. In addition, SSAE 16… Read more »