All Cyber-Security articles – Page 5
-
Blog
Cyber-security due diligence: a new imperative
Weak cyber-security is as much a hallmark of corporate mismanagement as poor corporate governance, bad tone from the top, and check-the-box compliance. But by taking the due diligence aspects of cyber-security seriously, compliance officers can turn data protection into an opportunity. John Reed Stark has more.
-
Blog
Bill would amend SOX, add cyber-security certifications
Newly proposed legislation would amend the Sarbanes-Oxley Act to expand mandated internal controls reports and disclosures to include cyber-security systems and risks of publicly traded companies. The Cyber-security Systems and Risks Reporting Act, sponsored by Rep. Jim McDermott (D-Wash.), has been referred to the House Committee on Financial Services. Joe ...
-
Blog
Duff & Phelps enhances cyber-security practice
Duff & Phelps, a global valuation and corporate finance advisor, last week launched new cyber-security services that assist financial services companies in identifying and reducing cyber-security risk. This enhanced service offering enables the firm to manage cyber-security risk at every stage of preparedness
-
Blog
Avoiding Vanguard’s cyber-security stumble
Image: A recent incident at Vanguard in which the company unintentionally sent 71 e-mails pertaining to different customer transactions to a random Vanguard customer triggered a flawed response from the company that demonstrates how SEC-registered entities can underestimate just how difficult it is to manage customer data-related predicaments. CW’s John ...
-
Article
Putting FINRA’s priorities into practice
The Financial Industry Regulatory Authority’s full court press on addressing emerging and existing risks in the securities industry will continue to intensify in 2016, reinforced by a steady surge in restitution, disciplinary actions, and bars and suspensions over the last five years. What are FINRA’s top regulatory and examination priorities, ...
-
Blog
Third-party risk is "next frontier" in cyber war, Home Depot IA leader says
Third-party risk represents the “next frontier” in the ongoing cyber war, says Kelly Barrett vice president of internal audit and corporate compliance at Home Depot, where she navigated a cyber breach like it was “a blow to the head” and now tells the story of how the entity faced the ...
-
Blog
Cyber-security storms internal audit plans, poll finds
A new survey from Protiviti of 1,300 internal audit professionals shows that companies have made big progress in the past year integrating cyber-security risk into internal audit plans. Nearly three out of every four organizations include cyber-security risk in their internal audit plans, according to the poll, up from only ...
-
Article
Healthcare, ransomware, and effective cyber-security hygiene
Imagine this: You’re a large healthcare provider whose staff is having trouble accessing vital records in your hospital’s computer network. Your IT department begins an immediate investigation and determines the cause to be a malware attack. Worse yet, the attackers are demanding ransom to obtain the decryption key. How do ...
-
Blog
White House plan would double SEC’s budget by 2021
Don’t expect the proposal to emerge unscathed from its trip through partisan debate, but a budget plan announced this week by President Obama would provide the SEC and Commodity Futures Trading Commission the biggest boost to their bottom lines in recent years, with plans to double their fiscal year 2015 ...
-
Article
Preventing a payment card hack
Point of sales systems are the weak link in the chain when it comes to retail cyber-security. Recent data breaches at a number of prominent companies—including three in January alone—highlight the ever-increasing stakes for any organization responsible for handling customer data. Increasingly this is an issue that a strong compliance ...
-
Blog
SafeBreach Arms Defenders With the Hacker's Playbook
SafeBreach, a breach validation firm, last month officially announced the company and the general availability of its platform. Founded by former LivePerson CSO Guy Bejerano and renowned security researcher Itzik Kotler, SafeBreach enables any size organization to precisely and continuously quantify the risk of breaches from specific attack scenarios, harden ...
-
Blog
Chubb Launches Cyber-Incident Response Partnership With Crawford & Company
Property and casualty insurance company Chubb this week announced the launch of a new partnership with claims and crisis management provider Crawford & Company, as Chubb continues to invest in building its cyber enterprise risk management capabilities.
-
Article
Liability Protections Included in New Cyber-Security Law
You may have not even noticed it, but discreetly tucked into the massive omnibus spending bill signed into law last month is a provision that effectively makes it safer for companies to share cyber-threat information with one another—but critics argue the bill doesn’t go far enough to ease privacy concerns.
-
Article
Why Is Treasury Cracking Down on Big, Cash-Only Real Estate Transactions?
The real estate sector has remained an Achilles’ heel in anti-money laundering efforts by U.S. officials. Concerns that all-cash purchases of residential properties may be used to hide and launder illicit assets has prompted the Financial Crimes Enforcement Network to demand that title insurance companies report the beneficial owners behind ...
-
Blog
RMS Launches New Data Standard for Managing Cyber Insurance
Ahead of the February launch of its new suite of cyber-risk management tools, RMS today released its recently developed Cyber Exposure Data Schema. The ‘open standard’ data schema will provide the insurance industry with a systematic and uniform way to capture cyber exposure data and manage cyber accumulation risk.
-
Blog
The SEC’s Newly Proclaimed Search Warrant Authority
The Securities and Exchange Commission has broad subpoena powers that this dedicated corps of highly credentialed professionals—inspired by a noble sense of mission, and rich with a long history of investor advocacy—tries to use in the best way possible. But when it comes to issuing subpoenas for electronic storage devices, ...
-
Blog
PwC’s Cybersecurity Practice Adds New Principal
PwC US has appointed Patrick Hynes as a principal in the advisory cybersecurity practice, focused on cybercrime and breach response. He is based in PwC’s Los Angeles office. Hynes joins PwC with a strong background in cyber-security.
-
Blog
LifeLock to Pay $100 Million in FTC Case
LifeLock last month agreed to pay $100 million to settle Federal Trade Commission contempt charges that it violated the terms of a 2010 federal court order requiring the company to secure consumers’ personal information and prohibiting the company from deceptive advertising. The settlement represents the largest monetary award obtained by ...
-
Blog
Bill Requires Disclosure of Board’s Cyber-Security Expertise
Security experts have long pressured companies to bring cyber-security expertise onto their boards. U.S. Senators Jack Reed (D-R.I.) and Susan Collins (R-Maine) have introduced legislation known as the Cyber-security Disclosure Act of 2015 that could apply even more pressure. If passed, publicly traded companies would be required to disclose to ...
-
Article
Managing Cyber-Risk in the Healthcare Industry
Image: Recent high-profile data breaches at several major healthcare providers have jolted the industry, which is trying to piece together better ways to manage the risks. “As opposed to an organization trying to invest more money in firewalls or other types of technical solutions to protect against an intrusion, at ...