Ask a CCO: Company investment in data privacy efforts
Four senior compliance practitioners share their views on the U.S. data privacy landscape and the actions their companies are taking to keep pace with new state laws set to hit the books in 2023. Today’s question:
Q: What investments has your company made in data privacy compliance efforts?
Related articles
-
PremiumCybersecurity pillars: Prevention, protection, mitigation, governance
The former superintendent of the New York State Department of Financial Services explained how the structure of a cybersecurity program is like a compliance program and can be divided into four buckets during a panel discussion at CW’s Cyber Risk & Data Privacy Summit.
-
PremiumCompliance budgets, staffing brace for impact of recession prep efforts
Respondents to our “Inside the Mind of the CCO” survey whose businesses are anticipating an economic recession note smaller budgets and the delay of new initiatives among efforts already undertaken to cut costs.
-
ArticleStrategies for balancing risk/reward of investing in new technologies
Taking a step back before committing to a technology project to weigh the risks and rewards can prove beneficial in the long term. Consider the following best practices.
More from Opinion
-
OpinionBeyond the Binder: Policy governance in practice
Most compliance professionals have faced it: a regulator or client requests a policy, and several slightly different “final” versions appear. The issue often stems from reactive, siloed work without a unified governance framework.
-
OpinionWhat compliance can learn from a 95 percent AI pilot failure rate
Compliance professionals have long known that systems fail when governance does. An MIT study’s finding that 95 percent of enterprise artificial intelligence (AI) pilots fail underscores how essential compliance-grade discipline is to the success of emerging technologies.
-
OpinionRisk-Based AML only works if the C-suite agrees what ‘risk’ means
Banks emphasize risk-based compliance in their AML programs, citing it to regulators and embedding it in policy, yet many institutions still handle risk very differently in practice.