Receive articles and resources from the information risk management experts at FoxPointe.
How can an organization know if they are prepared to handle the many facets of a cybersecurity incident? We check the news all the time and see headlines of the latest data breach, or ransomware outbreak, but what if that happened to you? Would your team be able to identify...
What is Encryption? Encryption is often utilized to protect and hide user information from hackers. However, understanding what encryption is and how it works may be daunting. By looking at the first forms of encryption, we can simplify and understand modern encryption. The simplest form of encryption is referred to...
By: Emily Mosack, Security Consultant at FoxPointe Solutions The end of the year and start of the new year mean tax season is approaching quickly. Tax season is one of the most active times for scammers. Thousands of people have become victims of tax scams and have lost millions of...
This article was written by Ryan Bigelow, Director at FoxPointe Solutions Background In the class action lawsuit Martin v. Safeway Inc., the plaintiff (Martin) alleged that Safeway printed receipts for credit or debit card transactions at its gas stations displaying first six (6) and last four (4) digits of payment...
In this day and age, the importance of having proper security controls in place is critical in order to reduce or mitigate the risk of cyberattacks. Due to the recent global pandemic, security breaches have become more apparent. An organization should understand the criticality of having strong access management in...
Managing a Remote Workforce COVID 19 forced many organizations into supporting a remote work force with little time to create a well-developed and documented remote work plan. Now that the initial rush to arrange the necessary logistics for remote work has passed, it is important to continually review remote work...
Computer Incident Notification Rule In the final quarter of 2021, the Federal Deposit Insurance Corporation (FDIC), the Board of Governors of the Federal Reserve System, and the Office of the Comptroller of the Currency (the agencies), issued a rule requiring any FDIC insured financial institution to notify its primary Federal...
This past year proved to be a year of rapid development for the cybersecurity and IT landscape. As new threats emerged, others continued to develop and evolve. Throughout the year, the FFIEC, in an effort to help its institutions combat these threats, issued new guidance for examiners and organizations in...
Risk Management Guidance On July 13, 2021, the Board of Governors of the Federal Reserve System (Federal Reserve), the Federal Deposit Insurance Corporation (FDIC), and the Office of the Comptroller of the Currency (OCC, and together with the Federal Reserve and the FDIC, the Agencies), requested comments on proposed interagency...
Fraud Prevention All fraud begins with a line of thinking that follow three major factors: Opportunity, Rationalization, and Pressures. Rationalization is the excuse an individual uses to provide comfort or assurance that they need to commit fraud. An example of this could be: “I’ll put the money back, I just...
Information Security Complacency My career has taken me through a winding road of many areas including finance, manufacturing, education, and, today, information security. My career has included 24 years in the manufacturing world, where I managed many risks including employee theft (check kiting and manipulation) and mail fraud (vendor checks...
“Data is the new oil.” We have heard that frequently over the years. It’s usually in the context of being a business driver. That is still true, however, it is also lurative for those who want to hijack your data via ransomware. In the early days of ransomware, it would...
