All cyber-risk articles
-
Premium
Ask a CCO: What’s your strategy for preventing and detecting data breaches?
Five senior compliance practitioners outline their strategies for protecting their firms from data breaches.
-
Premium
Ask a CCO: How is your company reacting to cyber-risks introduced by COVID-19?
Five senior compliance practitioners tell Compliance Week how their organizations are reacting to new cyber-threats introduced by the pandemic.
-
Premium
Ask a CCO: What’s your role in creating/implementing cyber-security policies?
Five senior compliance practitioners share insights on their roles in implementing and overseeing cyber-security policies and procedures.
-
Article
Special report: Compliance, infosec & battling cyber threats
LifePoint Health’s VP for Compliance Program Operations/Chief Privacy Officer Ellen Hunt and VP/CISO Andy Heins share how they work ”hand in glove” to protect their company’s data from bad actors.
-
Article
Survey: Firms enhanced cybersecurity in 2020, but not enough
Companies forced to pivot to remote work in a global health crisis spent the bulk of 2020 grappling with heightened cyber-security risks. A year later, compliance practitioners say their companies’ cyber-security postures are better for it—even in the wake of the stunning SolarWinds hack.
-
Article
Audit committee best practices for understanding and acting on cyber-threats
Cyber-security risk oversight is the area with the greatest increase in audit committee disclosures in proxy statements, so you better make sure you’ve got a handle on understanding your responsibilities.
-
Article
Q&A: New training takes compliance leaders on ‘non-technical’ cyber-journey
A new training offered by renown expert Paul C. Dwyer helps non-technical practitioners gain confidence in dealing with all aspects of cyber-security or cyber-risk.
-
Blog
New solution transforms how boards manage cyber-risk
Secure Systems Innovation Corporation (SSIC), a cyber-risk management firm, has expanded its application of X-Analytics, its patented method for measuring and modeling cyber risk, for executives and boards seeking clarity related to the economics of cyber-risk management.
-
Article
Recent data breaches impart third-party risk lessons
The data breaches at Yahoo, Equifax, and the SEC send a collective warning to organizations everywhere to improve their own third-party risk assessment.
-
Blog
OCC report highlights evolving risks
The Office of the Comptroller of the Currency has released its latest assessment of the strategic, credit, operational, and compliance risks that are top and evolving concerns for the federal banking system.
-
Blog
Edgile introduces technology diagnostics managed service for financial firms
Edgile, a security and risk consulting firm and provider of industry-specific regulatory content libraries, recently introduced its Technology Diagnostics Managed Service, providing financial services first with critical insights to more quickly and effectively assess their cyber practices, risks, and compliance readiness.
-
Blog
FBI cyber leader joins FTI Consulting
FTI Consulting, a global business advisory firm, announced that Anthony Ferrante, former Director for Cyber Incident Response at the U.S. National Security Council and Supervisory Special Agent at the Federal Bureau of Investigation, has joined the firm’s Global Risk & Investigations Practice within its Forensic & Litigation Consulting segment as ...
-
Blog
CyberGRX unveils third-party cyber global risk exchange
CyberGRX, a third-party cyber-risk management platform provider, recently unveiled a first-of-its-kind cyber risk assessment exchange for sharing third-party security information.
-
Article
What corporate meltdowns teach us about ERM
Joe Mont talks to Steven Minsky, CEO of LogicManager, about how disruptive technology demands that businesses practice better governance and enterprise risk management.
-
Blog
LockPath, Edgile partnership enhances compliance and cyber-risk oversight
LockPath, a GRC software provider, recently announced a partnership with Edgile, a security and risk consulting firm and provider of industry-specific regulatory content libraries. Edgile will support implementations of LockPath’s Keylight platform, allowing organizations to more efficiently manage both their compliance and cyber risk.
-
Blog
Banks may face enhanced cyber-risk management rules
Federal bank regulators are considering a slate of enhanced cyber-security, risk management, and resiliency standards. The new rules would apply to directors and auditors. Joe Mont reports.
-
Blog
NY’s financial regulator will oversee new cyber-security rules
New York has announced a new “first-in-the-nation regulation” requiring that banks and insurance companies overseen by its Department of Financial Services establish cyber-security programs and certify the effectiveness. Joe Mont reports.
-
Article
BAE Systems on what compliance needs to know about cyber risk
As cyber risk continues to increase, companies need to step up their security skills when it comes to procurement, audit, compliance, and legal on a variety of fronts. And that is just the beginning, says Bill Sweeney, financial services evangelist at BAE Systems Applied Intelligence, in an exclusive interview with ...
-
Article
Former FTC Commissioner Brill on data security, privacy protections
Joe Mont speaks to Julie Brill, who for the past six years was among the FTC’s most influential commissioners and an important voice on internet privacy and data security issues. In April, she left public service to join the law firm Hogan Lovells as a partner and co-director of its ...
-
Article
Internal audit joins the fight against cyber-threats
As organizations face ever-increasing cyber-security threats, experts are prodding internal auditors to get more involved in at least identifying the risks, even if they aren’t information technology experts. Basic compliance practices can significantly reduce a company’s cyber-exposure, but it needs somebody to drive the effort.