Upcoming Event: Don’t miss the 11th Annual Compliance Solutions Boot Camp! Click HERE for more details.
Upcoming Event: Don’t miss the 11th Annual Compliance Solutions Boot Camp! Click HERE for more details.
Receive articles and resources from the information risk management experts at FoxPointe.
By: Christopher Salone, CISA CCSFP, MBA This past year proved to be a year of rapid development for the cybersecurity and IT landscape. As new threats emerged, others continued to develop and evolve. Throughout the year, the FFIEC, in an effort to help its institutions combat these threats, issued new...
The ever-growing threat landscape and wide accessibility to the internet around the globe have made it easy for malicious actors to launch cyber-attacks and exploit vulnerabilities within an organization. Big or small, organizations that possess data can be at risk to cyber criminals who want to gain access to their...
This article was written by Andrew Parks & James Merritt. Apache Log4j Apache Log4j is an open-source library that is utilized by applications to facilitate logging requests. On December 9th, 2021 a vulnerability was reported (CVE-2021-44228 from the National Vulnerability Database) that impacts applications leveraging Apache Log4j versions 2.14.1 and...
Payment Card Industry (PCI) governance program Typically, the two primary goals of a company’s Payment Card Industry (PCI) governance program are to meet the intent of applicable controls and reduce the scope of PCI Data Security Standards (DSS) requirements enforced on the company’s environment. However, many companies do not meet...
Risk Management Guidance On July 13, 2021, the Board of Governors of the Federal Reserve System (Federal Reserve), the Federal Deposit Insurance Corporation (FDIC), and the Office of the Comptroller of the Currency (OCC, and together with the Federal Reserve and the FDIC, the Agencies), requested comments on proposed interagency...
Fraud Prevention All fraud begins with a line of thinking that follow three major factors: Opportunity, Rationalization, and Pressures. Rationalization is the excuse an individual uses to provide comfort or assurance that they need to commit fraud. An example of this could be: “I’ll put the money back, I just...
FedLine Security and Resiliency Assurance Program In October 2020, the Federal Reserve Banks (FRB) posted an announcement to their website titled “Announcing the FedLine Solutions Security and Resiliency Assurance Program”. The FRB’s FedLine Solutions are a critical component of the U.S. payment system. FedLine is a suite of payment solutions...
What is Phishing? Phishing is defined as a form of social engineering that use email or malicious websites to solicit personal information by posing as a trustworthy organization. When users respond with the requested information, attackers can use it to gain access to the accounts. Phishing is often in the...
Information Security Complacency My career has taken me through a winding road of many areas including finance, manufacturing, education, and, today, information security. My career has included 24 years in the manufacturing world, where I managed many risks including employee theft (check kiting and manipulation) and mail fraud (vendor checks...
Data Security Our workplaces have become more mobile than ever before, largely due to advancements in technology being used by businesses for communication and collaboration. The circumstances related to the COVID-19 pandemic have expedited this movement by forcing most businesses and organizations out of their offices and into remote work...
