All Risk Management articles – Page 69
-
ArticleHow Accor manages global data privacy compliance
Marie-Christine Vittet, vice president of compliance at hospitality chain Accor, shares with Compliance Week the company’s journey toward a global data privacy compliance program.
-
ArticleIndictment: China-based Hytera stole trade secrets from Motorola
Hytera Communications allegedly conducted a scheme to systematically steal trade secrets from Motorola Solutions by hiring away Motorola employees who had developed its “walkie-talkie” product line, according to a federal indictment.
-
ArticleMicrosoft, Activision Blizzard, and importance of cultural due diligence in M&A
Rarely do cultural considerations play a role in M&A transactions, though they are often critical to the ultimate success of a deal. Microsoft’s planned acquisition of embattled video game developer Activision Blizzard offers a timely case study.
-
ArticleKPMG facing $1.8B lawsuit over Carillion audits
KPMG is facing a £1.3 billion (U.S. $1.8 billion) lawsuit for missing “red flags” during its audits at failed construction company Carillion, which creditors say was insolvent more than two years before it collapsed.
-
ArticleWestpac combines risk, compliance leadership; hires Ryan Zanin as chief risk officer
Australian bank Westpac announced it will combine the leadership of its risk and compliance divisions into one position under Ryan Zanin, who joins after most recently serving as executive vice president, chief risk officer at Fannie Mae.
-
PremiumChapter 4: Recovery and lessons learned post-ransomware attack
Whether fictional private utility company Vulnerable Electric pays the ransom or not in the aftermath of its cyber incident, the two pathways quickly splinter off in different directions with varied endings, each with important lessons to be learned.
-
PremiumEpilogue: What happened to Betsy?
The “patient zero” of fictional private utility company Vulnerable Electric’s ransomware crisis learns her fate.
-
PremiumChapter 3: Ransomware eradication prompts tough choice: To pay or not to pay?
No matter what, the deck is stacked against fictional private utility company Vulnerable Electric as it weighs whether to pay the $5 million ransom demanded by a cybercriminal who breached its systems. Which path do you take?
-
PremiumRansomware case study glossary
The field of cybersecurity features a growing list of terminology to describe the many forms, channels, and motivations behind cyberattacks and hacking culture. Learn further definitions for some key terms featured throughout the ransomware case study.
-
ArticleFinCEN readying rule for banks to prove AML/CFT programs ‘reasonably designed’
The Financial Crimes Enforcement Network will likely require banks and other financial institutions to assess their anti-money laundering and countering the financing of terrorism programs to ensure they are “effective and reasonably designed.”
-
PremiumChapter 2, Part 1: Containment key to ransomware defense
With Day 2 of fictional private utility company Vulnerable Electric’s ransomware crisis comes the need to grasp the extent of its situation. The cyber incident response team’s synchronized efforts are pivotal as time is of the essence.
-
PremiumChapter 2, Part 2: Ransomware damage control and when to alert stakeholders
Systems at fictional private utility company Vulnerable Electric remain impacted in the aftermath of a ransomware attack, but the chief executive decides it’s time to be forthright with employees and customers.
-
PremiumChapter 1, Part 1: Betsy’s human error triggers ransomware crisis
When one of fictional private utility company Vulnerable Electric’s most dedicated employees falls victim to a social engineering hack, her actions in the immediate aftermath are crucial to what will soon become a crisis for the C-suite.
-
PremiumChapter 1, Part 2: All hands on deck in C-suite ransomware response
Following the events that triggered a double extortion ransomware attack, the CEO of fictional private utility company Vulnerable Electric mobilizes her cyber incident response team to begin assessing the path forward to dealing with the cybercriminal(s).
-
ArticleCW case study offers 360-degree view of ransomware attack
Learn through the eyes of the C-suite at Vulnerable Electric, a fictional private utility company impacted by a significant ransomware attack, as part of Compliance Week’s third case study.
-
ArticleRemedial actions help HeadSpin avoid fine in SEC fraud settlement
Silicon Valley-based tech company HeadSpin’s significant remedial actions in response to its chief executive’s alleged fraudulent behavior helped it settle charges with the Securities and Exchange Commission without being fined.
-
ArticleBiden plan to expand cybersecurity collaboration with water sector
The Biden administration announced an action plan to collaborate with owners and operators in the water sector to deploy technologies and systems that provide cyber-related threat visibility, indicators, detections, and warnings.
-
Article
Supreme Court declines case on False Claims Act anti-retaliation provisions
The Supreme Court has declined to settle conflict between two federal court decisions on whether former employees are covered by whistleblower anti-retaliation protections contained in the False Claims Act.
-
ArticleSurvey: Working in compliance is stressful, but satisfying
More than half the compliance officers responding to a new survey on working conditions said they feel burned out on the job, yet 60 percent of respondents still reported being satisfied with their work.
-
ArticleESG reporting: A summary of preparers’ perspectives
Preparers speaking at a pair of recent high-profile accounting and auditing conferences discuss current practices and the challenges their controllership teams face in ESG reporting and governance.