Reclamere

06/09/2026

🚨 Breach Alert: Texas Capital Bank 🚨

A reported data breach at Texas Capital Bank exposed sensitive personal information tied to thousands of individuals, including names and Social Security numbers. For financial institutions, this is the kind of incident that quickly becomes a trust, compliance, and customer-impact issue.

→ What happened:
Texas Capital Bank experienced a data breach in late April 2026, with regulatory filings indicating the incident took place on April 26 & 27th. The breach reportedly affected more than 86,000 Texas residents, and affected individuals are being notified by U.S. mail.

→ What stands out:
The exposed information reportedly included names and Social Security numbers. In financial services, that type of data carries long-term risk because it can be used for identity theft, fraudulent account activity, and other forms of misuse well after the initial incident response is complete.

→ Where organizations get exposed:
Financial institutions manage high volumes of sensitive customer data across core systems, third-party platforms, employee access points, and customer service workflows. When access, monitoring, and data visibility are not tightly aligned, sensitive information can become difficult to track, defend, and contain.

For banks and financial services organizations, cyber resilience requires continuous visibility into where sensitive information lives, how access is governed, whether third-party risk is being monitored, and how quickly suspicious activity can be detected and contained.

If sensitive customer information were accessed tomorrow, could your organization clearly explain what data was exposed, how it happened, and what controls were in place?

06/08/2026

Improper disposal is one of the more preventable paths to data exposure. It is also one of the hardest to defend after the fact.

The average U.S. data breach cost reached $10.22 million in 2025, and regulated industries continue to face some of the highest costs.

That matters because sensitive data does not only live in databases.

It can live on:

→ laptops
→ servers
→ copiers
→ printers
→ mobile devices
→ external drives
→ retired storage media

A strong ITAD process helps reduce exposure before it becomes a breach, an audit issue, or a legal problem.

Certified destruction and asset-level documentation should be part of every regulated organization’s risk strategy.

Get started with DS360: https://bit.ly/4o28XbB

06/04/2026

"Retired" does not always mean "risk-free". That’s especially true when old devices still contain sensitive data.

Research shows that over 20% of breaches are linked to improperly disposed devices. In many cases, the organization believed the data had already been deleted, wiped, or handled properly.

That assumption creates exposure.

Before devices leave your environment, the process should answer a few basic questions:

→ What data could this asset contain?
→ How will it be destroyed or sanitized?
→ Who will track custody?
→ What documentation will prove completion?

Secure ITAD should create confidence, not uncertainty. Explore DS360: https://bit.ly/4o28XbB

06/02/2026

A device that’s no longer in inventory can still pose a risk.

→ A laptop changes hands
→ A retired server gets stored in a closet
→ A branch location replaces equipment without updating the asset record

Individually, these feel like small process gaps. Over time, they become blind spots.

Research shows that 74% of cybersecurity incidents involve unknown or unmanaged assets.

That makes ITAM much more than an operational task. It directly affects your ability to secure, monitor, retire, and defend what’s in your environment.

If your asset inventory hasn’t been reviewed recently, it may be time for a closer look.

See how DS360 can provide structure to your ITAM: https://bit.ly/4o28XbB

06/01/2026

Cybersecurity readiness is being measured differently than it was even a few years ago.

For SMBs, the pressure is coming from multiple directions at once:

→ attackers moving faster
→ insurers asking for proof
→ regulators expecting operational controls
→ boards needing clearer answers
→ AI introducing new governance questions

That is why resilience has to be more than a written plan or a collection of tools.

In our latest blog series, we look at three areas shaping the next phase of SMB cybersecurity:

1️⃣ Confidence vs. Reality
Why many SMBs believe they are prepared for a cyberattack, but still have gaps that only surface under pressure.
Read more: https://bit.ly/4dvvKaU

2️⃣ From Paper Plan to Real Resilience
What cyber insurance providers now expect and why operational proof matters more than policy ownership.
Read more: https://bit.ly/4v8qjWU

3️⃣ The Modern vCISO
How SMB security leadership is evolving as cyber risk, compliance, insurance, AI, and business continuity continue to overlap.
Read more: https://bit.ly/4nJQqAE

If your organization is rethinking what readiness should look like, these are a good place to start.

05/29/2026

25 years... A lot of change, a lot of growth, and a lot of great people along the way.

Earlier this month, we had the opportunity to pause, celebrate, and reflect on the relationships and experiences that helped shape Reclamere into what it is today.

Here are a few moments from the celebration!

05/29/2026

Most organizations we talk to have tools in place, they’ve made investments, and there’s effort behind the program.

What tends to be less clear is how all of those pieces connect, and whether they hold up when viewed from the outside.

That’s where an external perspective can be useful.

Resilience360 is designed to help leadership teams step back and evaluate their environment through the lens of exposure, governance, and accountability. The goal is to provide clarity on where attention should be focused and how decisions can be supported moving forward.

If you’ve been looking for a more structured way to understand your current position, this is a great place to start.

Resilience360: https://bit.ly/4kqgWxs

05/28/2026

We were grateful for the opportunity to attend the LeadingAge PA 2026 Annual Conference and spend time with leaders across the aging services community.

The conversations throughout the event reinforced something we often see in healthcare and senior living environments: protecting sensitive data, maintaining trust, and preparing for disruption are interconnected.

As organizations continue to navigate regulatory expectations, workforce pressures, technological changes, and cybersecurity risks, the need for practical, defensible planning continues to grow.

Thank you to LeadingAge PA for bringing together such a thoughtful community of leaders, partners, and changemakers!

05/28/2026

Cybersecurity leadership is changing.

For many, the challenge is figuring out how to lead a security program effectively without the resources of a large enterprise.

That’s where the modern vCISO model is becoming increasingly important.

We explore how the role is evolving beyond compliance oversight into much broader areas: governance, resilience planning, AI risk management, third-party oversight, and leadership alignment.

The Modern vCISO: https://bit.ly/4nJQqAE

SMBs must now determine which executive-level cybersecurity leadership model realistically fits their needs over the next five years.

05/27/2026

Cybersecurity efforts tend to concentrate on what is active in the environment.

Less attention is given to how assets are introduced, managed over time, and eventually retired.

From what we’ve seen, resilience improves when organizations manage assets intentionally across:

1. Visibility and ownership
2. Monitoring and control
3. Secure disposition
4. Audit readiness

We mapped this out in a simple framework. Take a look!

Download our guide: https://bit.ly/3ZQrw7k