News & Analysis as of

Information Security Training Master Class: Winning the Battle against Data Breaches, Malicious and Negligent Employees, and...

Information security has continued to play prominently in the news as this series has evolved. Just today AT&T announced a data breach. Home Depot and Jimmy John’s, also added to the list in the past month, are still...more

New York AG Reports that Data Breaches Cost New York Businesses over $1B Last Year

The current headline in data security is a just-released report from the New York Attorney General's Office (the "AG Report") announcing that the number of reported data breaches more than tripled between 2006 and 2013,...more

Risk Planning and Board Liability

Board members are in the hot seat, or to put it another way – they are in a hot kitchen. The question is whether they can stand the heat of the hot kitchen....more

FFIEC Launches Cybersecurity Resources Web Page

On June 24, the FFIEC unveiled a new web page that will serve as a central repository for current and future FFIEC-related materials on cybersecurity. Although the FFIEC did not release any new resources, the launch shows the...more

Cybersecurity: Having a Privacy Policy is Not Enough

With the rash of significant data security incidents that occurred in 2013 and have continued to this day, it is increasingly important for companies to have an updated cybersecurity preparedness plan. The World Economic...more

FCPA Compliance and Ethics Report-Episode 72-interview with Michael Rasmussen [Video]

In this episode of the FCPA Compliance and Ethics Report, I interview Michael Rasmussen, the GRC Pundit. As the man who coined the phrase 'GRC' Michael is one of the country's top GRC experts. He talks about the recent OCEG...more

The NIST Cybersecurity Framework: Four Takeaways For The Energy Industry

On February 12, 2014, the Commerce Department’s National Institute of Standards and Technology (NIST) released its “Framework for Improving Critical Infrastructure Cybersecurity” (the “Framework”). Developed jointly by...more

FFIEC Advises Financial Institutions On “Heartbleed” Risks

On April 10, the FFIEC issued an alert advising financial institutions of risks associated with “Heartbleed”, a recently discovered material security vulnerability in a commonly used encryption method known as the OpenSSL...more

And On The 12th Day Of Privacy, Something For Directors…..Mind The Gap!

On our last “day of Privacy”, we have a little extra (perhaps a lump of coal….) post: in 2014, cyber risk has been elevated to a board issue – read on and forward to your favorite company director! As we have discussed...more

NIST Proposes Privacy Control Roadmap For Organizations

In an age in which safeguarding the privacy of a person’s information is becoming increasingly challenging, the National Institute of Standards and Technology (NIST) encourages organizations to devote time and resources to...more

FINRA Issues 2013 Regulatory and Examination Priorities Letter

Overview: On January 11, 2013, the Financial Industry Regulated Authority (FINRA) issued its 2013 Annual Regulatory and Examination Priorities Letter (Priorities Letter). This letter is issued annually to highlight...more

11 Results
|
View per page
Page: of 1