All Cyber-Security articles – Page 4
-
Article
New York’s proposed cyber-security compliance challenge
Starting in January, strict new rules form the Empire State will require compliance officers to make sure their organizations make the grade when it comes to data protection. More from Todd Taylor.
-
Blog
Cordium names VP of cyber-security and data protection services
Cordium, a GRC services provider to financial and professional services firms, has appointed Richard Hudson as vice president of its cyber-security and data protection consulting services.
-
Blog
NY delays cyber-security rules for banks, will revise requirements
New York’s Department of Financial Services has delayed implementation of its new cyber-security rules for banks and plans to announce changes to the requirements next week. Joe Mont explores.
-
Article
Internet of Things ramp-up expands compliance risk considerations
Companies are lacking at providing security testing for products manufactured with Internet of Things, reports David Bogoslaw.
-
Article
Before M&A, think cyber: what every board needs to know
Nothing can sideline a merger or acquisition quite so well as dodgy cyber-security compliance. Simone Petrella discusses what every board should know in advance.
-
Article
Better cyber-security through better cyber-compliance training
The Achilles’ heel of every cyber-security program is compliance. Javvad Malik offers some tips on how the right kind of training can fix that.
-
Article
New York’s new cyber-security demands draw near
The Empire State is on track to impose a comprehensive slate of new cyber-security rules for banks and their vendors. More from Joe Mont.
-
Blog
TrapX releases deception-based security solution
TrapX, a deception-based cyber-security defense provider, recently released the world’s first deception-based security solution specifically designed to protect the Society for Worldwide Interbank Financial Telecommunication (SWIFT) financial networks.
-
Article
Despite heightened risks, auditors limit cyber-questions
Auditors are arming up to be more proactive in the escalating cyber-war, but this year they’re still limiting their focus to financial statement risk. Tammy Whitehouse has more.
-
Article
TalkTalk’s £400,000 data hack fine is a dire warning
Regulators have used TalkTalk as an example that they can and will go after companies that take cyber-security and protecting customer data lightly. Neil Hodge explores.
-
Article
Fending off executive impersonation schemes
Everybody thinks they would never fall for an obvious cyber-scam … until they do. Jaclyn Jaeger reports.
-
Blog
There simply are not enough cyber-security specialists
Companies need to get much more aggressive when it comes to recruiting the right talent to head their cyber-security efforts, writes John Reed Stark.
-
Blog
CAQ: Audit’s role in cyber-security exams
Public company auditors are suggesting that companies voluntarily submit to an independent cyber-security examination separate from the existing financial statement audit. Tammy Whitehouse explores a new process for examining and reporting on a company’s cyber-security risk management.
-
Blog
NY’s financial regulator will oversee new cyber-security rules
New York has announced a new “first-in-the-nation regulation” requiring that banks and insurance companies overseen by its Department of Financial Services establish cyber-security programs and certify the effectiveness. Joe Mont reports.
-
Article
Federal contractors brace for insider threat rule
A new Department of Defense rule requires contractors to detect, deter, and mitigate insider threats. But how they should achieve that leaves plenty of gray areas, which does not sit well with contractors. Jaclyn Jaeger reports.
-
Article
This is not a game: Scenario planning can help protect your organization’s reputation
With some 4,000 cyber-attacks occurring every day, compliance officers are looking for any solution to help protect their organization from cyber-risk. A method worth considering is wargaming: a simulation that provides a live example of what a cyber-attack might look like and illustrates what can be to better protect the ...
-
Article
BAE Systems on what compliance needs to know about cyber risk
As cyber risk continues to increase, companies need to step up their security skills when it comes to procurement, audit, compliance, and legal on a variety of fronts. And that is just the beginning, says Bill Sweeney, financial services evangelist at BAE Systems Applied Intelligence, in an exclusive interview with ...
-
Article
In cyber-security, the real enemy strikes from within
While organizations are trying to understand their cyber-risk and how best to address it, focusing on external threats can overlook an even greater problem, say guest contributors Mark Dorosz and Jennifer Benson: security flaws from internal employees who don’t understand, or don’t care, about upholding the organization’s defenses.
-
Blog
BDO expands Technology Advisory Services practice
BDO Consulting, a division of professional services organization BDO USA, has appointed Judy Selby as Managing Director in the firm’s Technology Advisory Services practice.
-
Blog
SEC Enforcement Hits Morgan Stanley for Cybersecurity Failure
The SEC brought its latest case under Regulation S-P today, announcing a settled administrative proceeding against Morgan Stanley Smith Barney LLC. Morgan Stanley agreed to pay a $1 million penalty to settle the agency's charges that it failed to protect customer data, some of which was hacked and offered for ...