As you all know better than me, compliance and audit executives spend plenty of time these days worrying about cybersecurity. So when I spent a few days last week on the road talking to compliance professionals, the subject came up quite a bit.
The first bit of good advice I heard came from an old law enforcement guy (all the old law enforcement professionals are guys) who is now an executive at one of the large GRC vendors with a thriving investigations practice. This guy had been working money-laundering investigations since the 1970s, for the FBI and state police and lord knows what other agencies. He has seen a lot. So I started to ask what he and his firm are doing to help companies with cybersecurity.
