Dora Gomez of the Association of Certified Fraud Examiners discusses why security professionals should set up a framework to deal with changing regulations and threats.
Regulatory compliance and technology innovation are making security more complex, so organizations need to look beyond technical base measures for metrics, says SAI Global's Andrew Bissett.
Information security program development and maintenance continue to reside at the core of good response, incident management and overall information security program capability. In the current landscape, where the cyber threat consists largely of a growing and persistent threat of fraud and the potential for a...
Look at information security through the lens of business risk, and you'll begin to make decisions about security in light of their impact on the business. With security threats emerging faster than ever, what information is most important to protect? What happens if it's not protected? What strategic business...
A one-off approach to PCI DSS compliance often results in increased risk factors by creating discrepancies in security levels between environments within the shared network. Such an approach can be overcome by focusing on a central governance, risk, and compliance program designed to manage your organization's own...
Given the robust IT infrastructure of most financial institutions, it's easy to conclude that on-site deployment of a governance, risk and compliance (GRC) solution is the way to go. But there are compelling reasons to go with an integrated, cloud-based solution. Efficiency, flexibility and security are just three of...
Financial institutions have historically used a silo-based approach to governance, risk and compliance (GRC), with each group or department focused on specific risks or guidelines. Today, this approach is outdated and highly inefficient.
Financial institutions need to develop a comprehensive risk management...
The bigger the financial institution, the bigger the business. The bigger the business, the more third-party vendors and partners, and thus more regulatory scrutiny. For this reason, it's imperative institutions implement a thorough GRC process to break down organizational silos and provide greater visibility into the...
Today's business climate is one of unprecedented regulatory growth, data complexity and cybersecurity concerns. There is a corresponding increase in media attention, customer awareness and Board-level scrutiny.
Organizations must demonstrate that they have a viable process for managing risk and compliance (broadly...
Most organizations have embraced more than one software platform to automate their critical business processes. Platforms are becoming more flexible, allowing users to customize or configure their own applications. As your use cases grow, you may question whether you should leverage an existing platform for your next...
The ongoing struggle to protect sensitive credit card data will continue to escalate. One of the requirements used to tackle this problem is the Payment Card Industry Data Security Standard (PCI DSS). However, one of the biggest challenges for PCI DSS compliance initiatives is treating the standard as a unique and...
As enterprises continue to outsource more aspects of their operations to third parties, they expose themselves to more shared risk. It can be a staggering responsibility. Most organizations understand the need to automate vendor risk management activities to keep up with increasing scope and scrutiny. Yet they...
We've witnessed companies across industries suffer serious reputational and financial damage due to legal and regulatory compliance failures. Most had what they considered reasonable compliance processes, but somehow they didn't work. More and more corporate resources are spent on compliance, with greater attention in...