All cyber-risk articles

  • Cyber risk

    Audit committee best practices for understanding and acting on cyber-threats


    Cyber-security risk oversight is the area with the greatest increase in audit committee disclosures in proxy statements, so you better make sure you’ve got a handle on understanding your responsibilities.

  • Paul C. Dwyer

    Q&A: New training takes compliance leaders on ‘non-technical’ cyber-journey


    A new training offered by renown expert Paul C. Dwyer helps non-technical practitioners gain confidence in dealing with all aspects of cyber-security or cyber-risk.

  • Blog post

    New solution transforms how boards manage cyber-risk


    Secure Systems Innovation Corporation (SSIC), a cyber-risk management firm, has expanded its application of X-Analytics, its patented method for measuring and modeling cyber risk, for executives and boards seeking clarity related to the economics of cyber-risk management.

  • Article

    Recent data breaches impart third-party risk lessons


    The data breaches at Yahoo, Equifax, and the SEC send a collective warning to organizations everywhere to improve their own third-party risk assessment.

  • Blog post

    OCC report highlights evolving risks


    The Office of the Comptroller of the Currency has released its latest assessment of the strategic, credit, operational, and compliance risks that are top and evolving concerns for the federal banking system.

  • Blog post

    Edgile introduces technology diagnostics managed service for financial firms


    Edgile, a security and risk consulting firm and provider of industry-specific regulatory content libraries, recently introduced its Technology Diagnostics Managed Service, providing financial services first with critical insights to more quickly and effectively assess their cyber practices, risks, and compliance readiness.

  • Blog post

    FBI cyber leader joins FTI Consulting


    FTI Consulting, a global business advisory firm, announced that Anthony Ferrante, former Director for Cyber Incident Response at the U.S. National Security Council and Supervisory Special Agent at the Federal Bureau of Investigation, has joined the firm’s Global Risk & Investigations Practice within its Forensic & Litigation Consulting segment as ...

  • Blog post

    CyberGRX unveils third-party cyber global risk exchange


    CyberGRX, a third-party cyber-risk management platform provider, recently unveiled a first-of-its-kind cyber risk assessment exchange for sharing third-party security information.

  • Article

    What corporate meltdowns teach us about ERM


    Joe Mont talks to Steven Minsky, CEO of LogicManager, about how disruptive technology demands that businesses practice better governance and enterprise risk management.

  • Blog post

    LockPath, Edgile partnership enhances compliance and cyber-risk oversight


    LockPath, a GRC software provider, recently announced a partnership with Edgile, a security and risk consulting firm and provider of industry-specific regulatory content libraries. Edgile will support implementations of LockPath’s Keylight platform, allowing organizations to more efficiently manage both their compliance and cyber risk.

  • Blog post

    Banks may face enhanced cyber-risk management rules


    Federal bank regulators are considering a slate of enhanced cyber-security, risk management, and resiliency standards. The new rules would apply to directors and auditors. Joe Mont reports.

  • Blog post

    NY’s financial regulator will oversee new cyber-security rules


    New York has announced a new “first-in-the-nation regulation” requiring that banks and insurance companies overseen by its Department of Financial Services establish cyber-security programs and certify the effectiveness. Joe Mont reports.

  • Article

    BAE Systems on what compliance needs to know about cyber risk


    As cyber risk continues to increase, companies need to step up their security skills when it comes to procurement, audit, compliance, and legal on a variety of fronts. And that is just the beginning, says Bill Sweeney, financial services evangelist at BAE Systems Applied Intelligence, in an exclusive interview with ...

  • Article

    Former FTC Commissioner Brill on data security, privacy protections


    Joe Mont speaks to Julie Brill, who for the past six years was among the FTC’s most influential commissioners and an important voice on internet privacy and data security issues. In April, she left public service to join the law firm Hogan Lovells as a partner and co-director of its ...

  • CyberThreat

    Internal audit joins the fight against cyber-threats


    As organizations face ever-increasing cyber-security threats, experts are prodding internal auditors to get more involved in at least identifying the risks, even if they aren’t information technology experts. Basic compliance practices can significantly reduce a company’s cyber-exposure, but it needs somebody to drive the effort.

  • Blog post

    IOSCO updates securities markets risk assessment


    The International Organization of Securities Commissions has published the “IOSCO Securities Markets Risk Outlook 2016,” examining key trends in global financial markets and their potential risks to financial stability. Among matters addressed in the forward-looking report: corporate bond market liquidity; the use of collateral in financial transactions; and cyber-threats.

  • Blog post

    Podcast: how boards can improve risk response


    In the latest CW podcast, we chat with Steven Kreit, partner with accounting firm EisnerAmper, about the firm’s recent “Concerns About Risks Confronting Corporate Boards” survey. Director worries haven’t changed much since last year, with reputation risk and cyber-security perennial causes of angst, according to the survey. However, there does ...

  • Article

    The Silver Lining of Sharing Data on Cyber-Risks


    After many months of debate, President Obama finally signed the Cyber-Security Information Sharing Act into law. The question businesses are asking: In practical terms, is it good news or yet another cyber-security-triggered migraine? While concerns abound, notably around privacy issues, companies may still find plenty to appreciate in the legislation ...

  • Blog post

    RMS Launches New Data Standard for Managing Cyber Insurance


    Ahead of the February launch of its new suite of cyber-risk management tools, RMS today released its recently developed Cyber Exposure Data Schema. The ‘open standard’ data schema will provide the insurance industry with a systematic and uniform way to capture cyber exposure data and manage cyber accumulation risk.

  • Blog post

    Report Card on This Year, and Governance Predictions for 2016


    As one year closes and another begins, so does the cycle of talk on what corporate governance issues will challenge Corporate America in 2016. Inside, columnist Richard Steinberg reviews what he thought the big issues of 2015 would be (cyber-risk, shareholder proxy access, CEO succession, etc.), and how those subjects—and ...