- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By 
Jeff Dale2023-02-21T19:27:00
The former superintendent of the New York State Department of Financial Services explained how the structure of a cybersecurity program is like a compliance program and can be divided into four buckets during a panel discussion at Compliance Week’s virtual Cyber Risk & Data Privacy Summit.
Maria Vullo, now an adjunct professor of law at Fordham University, said a strong cybersecurity program is structured with prevention, protection, mitigation, and governance as the core pillars.
Vullo advised starting with a risk assessment, stressing prevention is a “foundational requirement” of any good cybersecurity framework but not necessarily something companies should set and forget.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec.
Register for free
Access one free, non-premium article each month.
Complimentary CPE webcasts, resources, and e-Books.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
Tailoring your risk assessments to guidance from your relevant regulators is a good idea, a panel of compliance practitioners speaking at Compliance Week’s 2023 National Conference agreed. But it certainly isn’t the place to start.
Four senior compliance practitioners discuss how their respective companies invest in compliance with varying data privacy requirements.
A panel of cyber experts and a chief compliance officer in financial services discussed the business risks, threat vectors, and vendor ‘gotchas’ associated with transitioning to a cloud provider at CW’s virtual Cyber Risk & Data Privacy Summit.
The massive cyberattack on Change Healthcare has potentially compromised the personal and protected health information of an untold number of Americans, according to parent company UnitedHealth Group.
AT&T said personal account data on approximately 73 million current and former customers was released on the dark web two weeks ago but has not yet identified when and where the breach occurred.
When organizations move their data or operations to the cloud, the compliance team has their work cut out and then some, experts discussed at CW’s Cyber Risk & Data Privacy Summit.
