Breaches & Brews

Rivial Data Security

The Rivial Data Security team discusses all things cybersecurity while enjoying their favorite brews. We keep it fun and laidback with special guests, personal stories, and some great advice for anyone managing a cybersecurity program.

  1. 5D AGO

    Two NCUA Cybersecurity Examiners Tell Us What They're Looking For in 2026

    We sat down with two NCUA Regional Information Security Officers to ask them point blank: what are you finding in exams, what do you want credit unions to fix, and what does "good" actually look like? Charles has been with the NCUA for 27 years. Murray left the agency, worked at a credit union, and came back. Between them, they've examined institutions from $50 million to $13 billion in assets. They don't hold back. In this episode, they walk through the most common deficiencies from 2025 exams (access controls, MFA gaps, vendor incident response), explain why expressing cyber risk in dollar terms is the single most important thing you can do for your board, and share what they're actually looking for on AI governance right now - even though the NCUA itself is still catching up. If you're prepping for an exam, presenting to your board, or trying to figure out what to do about AI, this is the episode. Resources we mentioned:  📘 How to Measure Anything in Cybersecurity Risk - Douglas Hubbard & Richard Seiersen  📊 Free Cyber Risk Assessment - rivialsecurity.com/cyber-risk-assessment  📄 AI Risk Management Whitepaper - rivialsecurity.com/resources  📋 AI Governance Assessment (NIST AI RMF) - rivialsecurity.com/resources  👥 Private Community for CU & Bank Leaders - rivialsecurity.com/community 🔗 rivialsecurity.com  📅 Book time with our team: rivialsecurity.com/contact-us #NCUA #CreditUnion #CyberRisk #CreditUnionPodcast #AIGovernance #RiskManagement #BoardReporting

    53 min

  2. APR 9

    Navigating AI and Security: Strategies for Credit Unions in a Shifting Threat Landscape

    In this insightful panel discussion, host Taylor Wells is joined by cybersecurity and IT leaders Will Reed and Kevin, representing billion-dollar credit unions from across the country. Together, they explore the pressing challenges and opportunities facing the financial sector, from the realities of AI adoption and evolving threat landscapes to the practicalities of building security teams, communicating cyber risk to boards, and staying audit-ready year-round. The conversation offers candid perspectives on managing digital transformation, preparing for NCUA exams, balancing member experience with security, and fostering a risk-aware culture—making this episode a must-listen for credit union professionals seeking actionable insights in an era of rapid technological change.

    51 min

  3. MAR 6

    Mastering Third-Party Risk: Deep Dive into Vendor Cybersecurity Management

    In this insightful episode, Lucas Hathaway, CRO @ Rivial Security takes listeners through the essential steps of maturing a third-party risk management program, with a special focus on cybersecurity reviews and vendor due diligence. Discover why regulators like the NCUA and FDIC are zeroing in on third-party risks and learn proven strategies for onboarding, classifying, and assessing vendors. Lucas Hathaway, CRO @ Rivial Security shares valuable stories from the field (including lessons learned from recent breaches), explains how to utilize questionnaires and SOC reports effectively, and offers practical tips for ongoing monitoring, incident response, and complementary user entity control (CUEC) testing. With actionable frameworks, relatable anecdotes, and free resources, this episode is a must-listen for financial institutions, security leaders, and anyone navigating the complexities of third-party vendor management.

    52 min

  4. FEB 17

    Cyber Risk, NCUA Compliance, and Board Engagement: Insights from CU Intersect 2026

    Join Jonathan Taylor, Shirley Sandwith, and guest Keaton Tanzer, Sales Manager at Rivial Security, as they broadcast from the CU Intersect 2026 conference in vibrant New Orleans.  In this episode, we dive deep into the evolving world of data security and compliance for credit unions, from navigating regulatory scrutiny and examiner trends to adopting flexible frameworks for organizations of all sizes.   Keaton shares practical strategies on cyber risk assessment, the importance of customizing compliance processes, and how to effectively communicate security initiatives to board members.  Plus, discover how smaller credit unions can stay ahead without being overwhelmed and why fostering real conversations at the board level is critical for successful governance.   Packed with actionable insights, this discussion is a must-listen for anyone in the credit union or financial institution space looking to innovate securely and keep their organization audit-ready.   Featured Topics: - Recent regulatory shifts and examiner expectations   - Cyber risk assessment tailored for every credit union   - Best practices for board reporting and quantitative analysis   - How to prepare for audits and leverage industry partnerships   - Resources and support for credit unions of all sizes Tune in for expert advice, industry stories, and a fresh perspective on cyber risk and compliance!

    17 min

  5. FEB 5

    Reporting Cybersecurity to the Board: Metrics, Communication, and Culture Change

    In this episode, hosts Taylor Wells and Lucas Hathaway, CRO @ Rivial Security are joined by Randy, founder and CEO of Rivial Security, to dive into the complexities of reporting cybersecurity to boards of directors—especially in banks and credit unions. The team discusses the importance of tailoring reports to non-technical board members, balancing regulatory and audit requirements with actionable insights, and fostering board engagement through meaningful metrics (including the shift toward quantitative, dollar-based cyber risk reporting). Listeners will hear practical advice on the length and frequency of board reports, how to train and guide boards to ask the right questions, and strategies for transitioning organizations from vague, high-medium-low risk reports to data-driven conversations about business impact and ROI. The episode answers real audience questions and shares insights from hundreds of board meetings, revealing common pitfalls and proven techniques for building trust, securing resources, and moving cybersecurity conversations beyond technical jargon into true resilience planning. Perfect for CISOs, risk leaders, and anyone responsible for cybersecurity board reporting, this episode delivers actionable takeaways, relatable stories, and expert guidance to help you elevate your next board presentation.

    51 min

  6. JAN 8

    Navigating 2026: Exam Readiness, AI Risk, and Vendor Strategy for Financial Institutions

    In this insightful panel episode, host Keaton Tanzer & Lucas Hathaway at Rivial Security are joined by Darrin Moorer, Senior VP and Information Security Officer at NBKC Bank, and Mike Sloan, Associate VP and ISO at the University of Kentucky Federal Credit Union, for a practical, forward-looking discussion on information security and compliance in financial institutions. Together, they unpack the most surprising and common regulator findings from 2025, discuss smooth exam experiences, and highlight the importance of continuous compliance. The conversation moves to strategies for staying "exam ready" in 2026, emphasizing documentation, ongoing evidence collection, and establishing cross-departmental ownership of risk. AI emerges as both a tool and a threat, prompting conversations around acceptable use policies, risk frameworks, custom training, and incident responses for AI-related scenarios. The panel explores how financial institutions are cautiously rolling out AI, tracking usage, and planning governance committees, while also diving into the complexities surrounding vendor and fourth-party risk assessments. The episode wraps up with budget season advice for 2026, prioritizing measurable risk reduction, the maturation and optimization of security programs, and board-level communication strategies that translate technical achievements into business impact. This episode offers actionable insights, practical tips, and real-world examples for security leaders, managers, and board members in the banking and credit union space as they navigate evolving expectations, technologies, and threats.

    58 min

  7. 11/05/2024

    Cybersecurity in 2024: Predictions from Security Leaders

    Tailored for security leaders, our on-demand webinar covers key topics that include: Top Priorities In Maintaining Compliance: Addressing compliance challenges in the ever-evolving cybersecurity landscape Evolving With AI: How industry leaders are leveraging AI to enhance their security measures. Adapting To New Risk Factors: How to adapt cybersecurity strategies to counter new risks. Best Practices For Cybersecurity: New Strategies to protect your critical systems and data.Learn how your peers are tackling current cybersecurity challenges today!

    1 hr

  8. 11/05/2024

    NCUA PANEL: INFOSEC & CYBERSECURITY IN 2024

    Ensure your credit union is compliant & secure in 2024. Hear from a panel of NCUA auditors about infosec & cybersecurity best practices for your credit union.

    1h 1m
See All (29)

5
out of 5
2 Ratings

About

The Rivial Data Security team discusses all things cybersecurity while enjoying their favorite brews. We keep it fun and laidback with special guests, personal stories, and some great advice for anyone managing a cybersecurity program.

Information

  • Creator
    Rivial Data Security
  • Years Active
    2021 - 2026
  • Episodes
    29
  • Rating
    Clean
  • Copyright
    © 2026 Rivial Data Security
  • Show Website
    Breaches & Brews