Prepared for All Gulf Coast Bank & Trust Company Colleagues
From: Kyle Gill, Information Security Officer
Reporting Period: June 1–24, 2026

Executive Summary

June 2026 was an active month for cybersecurity threats and vulnerabilities. Major vendors including Microsoft, Cisco, Citrix, Fortinet, Google, and Ivanti released security updates for vulnerabilities that were actively exploited or considered high risk. Financial institutions continue to be targeted by ransomware operators, credential thieves, and attackers seeking access to remote systems.

At-a-Glance Risk Dashboard

• Overall Cyber Risk: HIGH
• Active Exploitation: HIGH
• Ransomware Threat: ELEVATED
• Employee Phishing Risk: HIGH

Key Takeaways

• Multiple vulnerabilities were actively exploited in the wild.
• Financial institutions remain attractive targets for cybercriminals.
• VPNs, firewalls, and remote access systems continue to be primary targets.
• Prompt patching and MFA remain the most effective defenses.
• Use multi-factor authentication whenever available.
• Be cautious of unexpected emails, links, and attachments.
• Report suspicious activity immediately to Information Security.
• Keep devices updated and restart when prompted for security updates.
• Never share passwords or approval codes.

Threat Trends

Most observed threats during June involved credential theft, remote code execution, privilege escalation, and ransomware-related activity. Attackers increasingly targeted internet-facing systems and remote management interfaces.

Major June Vulnerabilities

What Employees Should Do

Overall Risk Assessment

Overall Cyber Risk for June 2026: HIGH. The largest risks continue to be exploitation of known vulnerabilities and credential theft. Strong patch management, security awareness, and multi-factor authentication remain critical defenses.

Thank you for helping keep Gulf Coast Bank & Trust Company secure.

Kyle Gill
Information Security Officer