All cybersecurity articles
-
Article
Compliance must prepare for post-quantum cryptography requirements in contracts
While companies focus on the risks, opportunities, and regulations emerging around AI, the next tech challenge is already on the horizon. Quantum computers are here – and so are the associated crime risks, plus some encryption protections.
-
Article
Retail energy compliance must focus on resilience and reporting
Cybercrime and national critical infrastructure responsibilities are key concerns for retail energy sector compliance. Resilience is vital for companies that keep the lights on and power financial institutions and hospitals.
-
Opinion
Why the EU’s new Machinery Regulation is a wake-up call on cybersecurity
The European manufacturing industry is on the cusp of a regulatory shift that promises to reshape how machines are designed and operated.
-
Article
FCC rolls back Biden-era cybersecurity requirements for telecoms
Telecommunication companies are now on the honor system to protect their networks from cyber attacks, following a Federal Communications Commission (FCC) vote that removed requirements that they harden their networks.
-
Article
NY auto insurers on the hook for $19M for cybersecurity violations
Eight auto insurers failed to meet the requirements of New York’s cybersecurity regulations during widespread online attacks in 2021 and will pay $19 million under consent orders with the New York State Department of Financial Services (NYDFS).
-
Article
Georgia Tech to pay $875,000 for allegations brought by compliance officers
Georgia Tech Research Corp. (GTRC) has agreed to pay $875,000 to settle allegations first raised by two compliance officers that its cybersecurity protocols violated acceptable standards for defense contractors, the Department of Justice (DOJ) said.
-
Article
Retailers face new compliance pressures from tariffs, sanctions, fraud and cybercrime
Regulators are pressuring retail compliance teams on supply chains, shifting sanctions and tariffs, sustainability, and digital commerce. Rising cyberattacks heighten data security concerns, while large retailers push legal and commercial requirements down their supply chains.
-
Premium
Navigating top risks in the insurance industry
Cyber threats, climate-related catastrophes, and disruptive technologies remain top risks reshaping the U.S. insurance industry. The question is how chief risk officers at the nation’s largest insurers are confronting them.
-
Article
California privacy regulator unveils new cyber, risk, and automation rules
Businesses operating in California will need to meet new, first-in-the-nation privacy requirements for cybersecurity, risk assessments, and automated decision-making technology, under a large expansion of rules by the state.
-
Premium
Calls for audit reforms intensify after hackers attack Harrods and other top UK retailers
Cyberattacks on major UK retailers, including Marks & Spencer, Harrods and Co-op, left the companies scrambling to reassure customers and staff about stolen data, pushing issues of cybersecurity and cyber resilience back into the national debate. Now the question is whether compliance managers should expect more technology regulations, or will ...
-
News Brief
NYDFS to continue crypto enforcement, Superintendent Harris says
The New York Department of Financial Services (NYDFS), led by Superintendent Adrienne Harris, doesn’t intend to let up on cryptocurrency enforcement, even in the face of pullback from the federal government.
-
News Brief
DOJ fines MORSE Corp $4.6M for lax cyber controls amid crack down on federal contractors
Yet another government contractor has been slapped with a fine by the Department of Justice for applying lax cybersecurity defenses on sensitive government data.
-
Resource
White paper: Constructing a Cohesive Cybersecurity Foundation
The individual requirements for your security and risk operations are increasingly complex—and interconnected. Yet despite this increased interconnectivity, many organizations still manage their security operations (SecOps) and integrated risk management (IRM) functions in silos.
-
News Brief
DOJ orders consultants to pay $11.3M total for cyber rule violations
Guidehouse and Nan McKay and Associates will pay a total of $11.3 million to the Department of Justice (DOJ) to settle allegations that cybersecurity failures led to the theft of client personal information during the height of the COVID-19 pandemic.
-
Resource
White paper: SEC doubles down on cyber risk management accountability
To help investors gain a better understanding of cyber risk, the US Securities and Exchange Commission (SEC) has created sweeping new rules—forcing companies to take a more proactive approach to cybersecurity.
-
Resource
White paper: 2021 Consumer Cybersecurity Poll Executive Report
To uncover Americans’ top cybersecurity concerns, CSI partnered with The Harris Poll to survey more than 2,000 U.S. adults age 18 and above about their perceptions, fears and expectations related to cybersecurity.
-
Training
On-demand training: Protect your company from cyber risks
Take this self-directed, interactive course to deepen your understanding of cybersecurity risks and learn about the latest regulations to keep your organization compliant and prepared for today’s dangerous cyber environment.
-
Sponsored
The Cost of Third-Party Cybersecurity Risk Management
Survey of 600 IT security professionals finds organizations and third parties view their third-party cyber risk management (TPCRM) practices as important but ineffective today.
-
Blog
CAQ arms directors with cyber risk roadmap
To stoke more board inquiry on cyber-security, the CAQ has published a primer on questions that management and external auditors should be ready to answer.
-
Article
Better cyber-security through better cyber-compliance training
The Achilles’ heel of every cyber-security program is compliance. Javvad Malik offers some tips on how the right kind of training can fix that.


