FoxPointe Security Hub

Uncategorized


Managing a Remote Workforce
COVID-19 forced many organizations into supporting a remote workforce with little time to create a well-developed and documented remote work plan. Now that the initial rush to arrange the necessary logistics for remote work has passed, it is important to continually review remote work...

New Cyber Incident Reporting
The NCUA has proposed a new Cyber Incident Reporting Rule. This proposal comes on the heels of the Federal Banking Agencies Incident Reporting Rule that went into effect earlier this year. The proposed NCUA regulation would require federally chartered credit unions (also applies to state-chartered, federally...

This article was written by Jamie Normand, Security Consultant – FoxPointe Solutions
Cybersecurity Jurisdiction
Data privacy and protection regulations are becoming increasingly common worldwide. This month marks four years since the European Union’s General Data Protection Regulation (GDPR) took effect. During the GDPR’s first four years, more than $1.5 Billion...

PCI Standard v4.0
In March 2022, the Payment Card Industry Security Standards Council (PCI SSC) released its initial draft v4.0 of the standard. Based on the initial draft release, the following critical changes are assumed to be incorporated into the new version of the PCI standard: For merchants, sensitive authentication...

The ever-growing threat landscape and the wide accessibility of the internet around the globe have made it easy for malicious actors to launch cyber-attacks and exploit vulnerabilities within an organization. Big or small, organizations that possess data can be at risk from cyber criminals who want to gain access to their...

This article was written by Andrew Parks & James Merritt.
Apache Log4j
Apache Log4j is an open-source library that is utilized by applications to facilitate logging requests. On December 9th, 2021, a vulnerability was reported (CVE-2021-44228 from the National Vulnerability Database) that impacts applications leveraging Apache Log4j versions 2.14.1 and...

Risk Management Guidance
On July 13, 2021, the Board of Governors of the Federal Reserve System (Federal Reserve), the Federal Deposit Insurance Corporation (FDIC), and the Office of the Comptroller of the Currency (OCC, and together with the Federal Reserve and the FDIC, the Agencies), requested comments on proposed interagency...

Fraud Prevention
All fraud begins with a line of thinking that follows three major factors: Opportunity, Rationalization, and Pressures. Rationalization is the excuse an individual uses to provide comfort or assurance that they need to commit fraud. An example of this could be: “I’ll put the money back, I just...

FedLine Security and Resiliency Assurance Program
In October 2020, the Federal Reserve Banks (FRB) posted an announcement to their website titled “Announcing the FedLine Solutions Security and Resiliency Assurance Program”. The FRB’s FedLine Solutions are a critical component of the U.S. payment system. FedLine is a suite of payment solutions...

Information Security Complacency
My career has taken me through a winding road of many areas including finance, manufacturing, education, and, today, information security. My career has included 24 years in the manufacturing world, where I managed many risks including employee theft (check kiting and manipulation) and mail fraud (vendor checks...