Close

Are you in compliance?

Don't miss out! Sign up today for our weekly newsletters and stay abreast of important GRC-related information and news.

×

Status message

Start your free, no obligation 10-day trial to continue exploring with full access.

BAE Systems on what compliance needs to know about cyber risk

Joe Mont | July 26, 2016

Despite their best efforts, companies are increasingly vulnerable to cyber risk, driving home the realization that a reactive, check-the-box mentality towards cyber-security is no longer acceptable.

We spoke with Bill Sweeney, financial services evangelist at BAE Systems Applied Intelligence, about the changing threat landscape and how companies need to employ a top-down response to it. Security skills are necessary, and will be required, in procurement, audit, compliance, and legal when handling vendors, verifying compliance policies, interpreting regulations and interacting with law enforcement, he says. And that is just the beginning.

CW: You see a lot of businesses, including hospitals and commerce-focused entities pay “ransomware” demands [where a hacker, rather than leak or abuse data, encrypts it and holds it hostage until they are paid]. Why do they give in?

Sweeney: Think of a small online store that is going to be out... To get the full story, subscribe now.