Blog

Compliant is NOT Always Secure

We are PCI Certified! How did we get hacked?!?!?
We have a 1 on our FFIEC exam and still had this data breach?
There were no exceptions on their SOC report, but our vendor still had a compromise?

At Vala Secure, we have heard these comments and questions time and time again. You have definitely heard them in the news. Entities from big

Read More…

Proactive Compliance

We understand the budget constraints and the "rabbit hole" you can get yourself into regarding compliance and security. How much do I do before the cost outweighs the benefit?

Oftentimes while onsite with our clients we find ourselves discussing the balance between regulations or

Read More…

Why a Virtual CISO is the Best-Kept Secret in Information Security

The twin gas pedals of globalization and technology have increased the speed of business to the point where you can blink and suddenly not recognize the landscape around you. This is especially true when it comes to information security, where the very concept of “hacking” and data theft went from Hollywood science fiction to a pressing fact of

Read More…

A Helpful Guide to SOX Compliance for Financial Institutions

The Sarbanes-Oxley (“SOX”) Act of 2002 is a crucial piece of legislation aimed at protecting the confidentiality, integrity, and availability of information that impacts a corporation's stakeholders.

Ensuring ongoing SOX compliance is a fundamental risk management task for any publicly-traded, or even privately-held, company in the United States.

Read More…

Maximizing your Enterprise Business Impact Analysis

The most extensive undertaking of any Enterprise environment is the creation of the Business Continuity Plan and the Recovery Procedures from a disaster. In order to effectively create an accurate continuity plan of the organization as a whole and a recovery process that mitigates the cost to the organization, customer impact, reputation, and

Read More…

Millennials & Their Data Security Habits

I read this article 'Do Millennials Believe in Data Security?' from Harvard Business Review (http://blogs.hbr.org/2014/02/do-millennials-believe-in-data-security/) and found it to be a really interesting read. Much has been said on the impatience of Millennials and the way they handle their data securely is no different. In short, when it comes

Read More…

Webinar - Vendor Management & Information Risk

Are your vendors walking a tightrope and risking the information you share with them?

The topic of Vendor Management seems to be very popular these days. We had a tremendous response to our monthly webinar this month. Our SVP of Compliance Services, Courtney Treadaway, presented some best practices of Vendor Management - specifically on

Read More…

Improved Vendor Management

With a recent breach at core provider FIS, banking executives are asking why more examination information is not shared up front with community bankers. This article in BankInfoSecurity reinforces that federal regulators are emphasizing that bank institutions need to continue to improve their vendor management due diligence.

BankInfoSecurity

Read More…

ATM - ADA Requirements

Hey everyone! I attended a compliance luncheon today, and wanted to share a quick note that I found interesting. There was a banker there who stated that they have received a lawsuit because of their ATM not fully meeting the 2010 ADA requirements. There were some major changes in 2010 and most banks had to do a fair amount of work to get their

Read More…

1 Nite 2 Unite

Moreno Valley is located in northern New Mexico near the towns of Angel Fire and Eagle Nest. For many years, the local churches met the needs of their own congregations but never really communicated with each other, nor worked together in outreach/mission projects with the exception of the ALMS program. Backed by the Wheeler Peak Cowboy

Read More…