Blogs
The Marriage of Security and Privacy
In 2026, the integration of security and privacy is no longer optional. Explore how NIST SP 800-53 Rev 5 unifies controls, eliminates silos, and helps organizations streamline GDPR, CCPA, and cyber resilience efforts for stronger data protection and compliance.
The Digital Shift: Streamlining the Closing Table: Blog 3 of 4
Discover how President Trump’s March 2026 Executive Order on Promoting Access to Mortgage Credit drives digital mortgage modernization. Part Three explores eliminating wet signatures, standardizing remote online notarization (RON), e-signatures, e-notes, and streamlining the right to rescission - making closings faster, cheaper, and fully digital for borrowers, lenders, and community banks in 2026.
The Predictive Edge: Why Cybersecurity is the Next Frontier for Mortgage Risk Managers
Discover how mortgage risk managers can leverage predictive analytics and regression models to master cybersecurity risk in 2026. Treat network security as a "digital credit score" for proactive breach prevention, optimized resource allocation, and cyber resilience in lending.
Defense in Depth: Redundancy is your Friend
Discover why defense-in-depth is essential for robust cybersecurity. Layered redundancies turn single points of failure into resilient barriers, protecting your business from phishing, malware, and breaches—even when one layer fails.
Yes, Virginia, There IS A Link Between Cybersecurity and Fair Lending Compliance
Discover how cybersecurity directly impacts fair lending compliance in mortgages. From data integrity to vendor risks and system availability, protect against disparate impact violations under ECOA and FHA.
Freddie Mac Information Security Requirements
Explore Freddie Mac's information security requirements categorized into administrative, technical, and operational controls for defense-in-depth. Expert insights from CISSP Kevin Robinson on building a comprehensive cybersecurity strategy for Seller/Servicers.
Fannie Mae Information Security Requirements
Explore Fannie Mae's 14 key information security domains in the Business Resiliency Supplement. Learn how administrative, technical, and operational controls protect sensitive borrower data for lenders and servicers.
Cybersecurity Is Strategic
Cybersecurity decisions impact the entire organization. They must be strategic, guiding long-term outcomes like the WWII "defeat Germany first" approach. Integrate security from idea inception to influence design, processes, and culture. Prioritize it to ensure availability, confidentiality, and data integrity.
Cyber Risk is Systemic
Cyber risk is like a domino effect. Today’s businesses rely on so many connected pieces (cloud services, apps, the internet, and even employees clicking the wrong email) that a problem in one spot can quickly spread and hurt the whole company. Learn how you can help protect against it, especially in the mortgage industry which is part of the bigger financial world.
Everyone Owns Cyber Risk: Shared Responsibility in Mortgage Cybersecurity
In the mortgage industry, cyber risk cuts across every department, from board oversight to compliance with GLBA Safeguards Rule. True protection requires everyone to own it, not just the CISO.
What is Cybersecurity? A Simple Guide for Mortgage Lenders
What is cybersecurity? A straightforward explanation of cybersecurity risk management, the CIA triad, and why mortgage lenders need it for GLBA Safeguards Rule and Regulation S-P compliance. Learn more here from The Commonwealth Group.
Embracing the Future: The Commonwealth Group and CondoAnalytics Look Ahead to 2026
As we step into 2026, The Commonwealth Group and CondoAnalytics are excited to lead the mortgage industry forward with our guiding pillars: Respect, Innovation, and Trust.
The Critical Role of Cybersecurity in Mortgage Lending: Protecting Your Business & Clients
In an era of digital transformation in the mortgage industry, cybersecurity is crucial for protecting sensitive data and ensuring compliance. The post discusses threats like ransomware and phishing, vulnerabilities in the sector, consequences of breaches, regulatory requirements, and best practices for strengthening defenses.