All cyber-risk articles
-
Blog post
New solution transforms how boards manage cyber-risk
Secure Systems Innovation Corporation (SSIC), a cyber-risk management firm, has expanded its application of X-Analytics, its patented method for measuring and modeling cyber risk, for executives and boards seeking clarity related to the economics of cyber-risk management.
-
Article
Recent data breaches impart third-party risk lessons
The data breaches at Yahoo, Equifax, and the SEC send a collective warning to organizations everywhere to improve their own third-party risk assessment.
-
Blog post
OCC report highlights evolving risks
The Office of the Comptroller of the Currency has released its latest assessment of the strategic, credit, operational, and compliance risks that are top and evolving concerns for the federal banking system.
-
Blog post
Edgile introduces technology diagnostics managed service for financial firms
Edgile, a security and risk consulting firm and provider of industry-specific regulatory content libraries, recently introduced its Technology Diagnostics Managed Service, providing financial services first with critical insights to more quickly and effectively assess their cyber practices, risks, and compliance readiness.
-
Blog post
FBI cyber leader joins FTI Consulting
FTI Consulting, a global business advisory firm, announced that Anthony Ferrante, former Director for Cyber Incident Response at the U.S. National Security Council and Supervisory Special Agent at the Federal Bureau of Investigation, has joined the firm’s Global Risk & Investigations Practice within its Forensic & Litigation Consulting segment as ...
-
Blog post
CyberGRX unveils third-party cyber global risk exchange
CyberGRX, a third-party cyber-risk management platform provider, recently unveiled a first-of-its-kind cyber risk assessment exchange for sharing third-party security information.
-
Article
What corporate meltdowns teach us about ERM
Joe Mont talks to Steven Minsky, CEO of LogicManager, about how disruptive technology demands that businesses practice better governance and enterprise risk management.
-
Blog post
LockPath, Edgile partnership enhances compliance and cyber-risk oversight
LockPath, a GRC software provider, recently announced a partnership with Edgile, a security and risk consulting firm and provider of industry-specific regulatory content libraries. Edgile will support implementations of LockPath’s Keylight platform, allowing organizations to more efficiently manage both their compliance and cyber risk.
-
Blog post
Banks may face enhanced cyber-risk management rules
Federal bank regulators are considering a slate of enhanced cyber-security, risk management, and resiliency standards. The new rules would apply to directors and auditors. Joe Mont reports.
-
Blog post
NY’s financial regulator will oversee new cyber-security rules
New York has announced a new “first-in-the-nation regulation” requiring that banks and insurance companies overseen by its Department of Financial Services establish cyber-security programs and certify the effectiveness. Joe Mont reports.
-
Article
BAE Systems on what compliance needs to know about cyber risk
As cyber risk continues to increase, companies need to step up their security skills when it comes to procurement, audit, compliance, and legal on a variety of fronts. And that is just the beginning, says Bill Sweeney, financial services evangelist at BAE Systems Applied Intelligence, in an exclusive interview with ...
-
Article
Former FTC Commissioner Brill on data security, privacy protections
Joe Mont speaks to Julie Brill, who for the past six years was among the FTC’s most influential commissioners and an important voice on internet privacy and data security issues. In April, she left public service to join the law firm Hogan Lovells as a partner and co-director of its ...
-
ArticleInternal audit joins the fight against cyber-threats
As organizations face ever-increasing cyber-security threats, experts are prodding internal auditors to get more involved in at least identifying the risks, even if they aren’t information technology experts. Basic compliance practices can significantly reduce a company’s cyber-exposure, but it needs somebody to drive the effort.
-
Blog post
IOSCO updates securities markets risk assessment
The International Organization of Securities Commissions has published the “IOSCO Securities Markets Risk Outlook 2016,” examining key trends in global financial markets and their potential risks to financial stability. Among matters addressed in the forward-looking report: corporate bond market liquidity; the use of collateral in financial transactions; and cyber-threats.
-
Blog post
Podcast: how boards can improve risk response
In the latest CW podcast, we chat with Steven Kreit, partner with accounting firm EisnerAmper, about the firm’s recent “Concerns About Risks Confronting Corporate Boards” survey. Director worries haven’t changed much since last year, with reputation risk and cyber-security perennial causes of angst, according to the survey. However, there does ...
-
Article
The Silver Lining of Sharing Data on Cyber-Risks
After many months of debate, President Obama finally signed the Cyber-Security Information Sharing Act into law. The question businesses are asking: In practical terms, is it good news or yet another cyber-security-triggered migraine? While concerns abound, notably around privacy issues, companies may still find plenty to appreciate in the legislation ...
-
Blog post
RMS Launches New Data Standard for Managing Cyber Insurance
Ahead of the February launch of its new suite of cyber-risk management tools, RMS today released its recently developed Cyber Exposure Data Schema. The ‘open standard’ data schema will provide the insurance industry with a systematic and uniform way to capture cyber exposure data and manage cyber accumulation risk.
-
Blog post
Report Card on This Year, and Governance Predictions for 2016
As one year closes and another begins, so does the cycle of talk on what corporate governance issues will challenge Corporate America in 2016. Inside, columnist Richard Steinberg reviews what he thought the big issues of 2015 would be (cyber-risk, shareholder proxy access, CEO succession, etc.), and how those subjects—and ...
-
Article
The Keys to Better Access Control Systems
Image: Gone are the days when “access control” meant locking your door or filing cabinet. Now compliance, IT, and audit teams must collaborate on controls to access networks rather than physical stores of information. Inside, we look at three best practices to design strong access control and at how to ...
-
Article
FSOC Report Offers Tea Leaves for Future Regulatory Focus
What are the top threats to the U.S. financial system? In a new report, the Financial Stability Oversight Council cites cyber-security, financial innovations, and high-frequency trading among the problems regulators must address. Critics fret, however, that the agency wants “to get rid of the capital markets and replace everything with ...
