Third party vendors are often the weakest link in your organization’s security ecosystem, since most security leaders do not have good visibility or oversight of their security controls. But as the recent breach of SolarWinds or HAFNIUM has made clear, managing third party risk is now an essential part of your...
The Treasury Department's Office of the Comptroller of the Currency has hit Citibank with a $400 million fine for deficiencies in enterprisewide risk management, compliance risk management, data governance and internal controls. Meanwhile, the Federal Reserve is requiring the bank's board to take action.
Just as it's necessary to think about security before throwing yourself into the clouds when paragliding, the same holds true for large healthcare organizations migrating data to the cloud. Whether it's your first 'flight' in the clouds or you've been gliding for a while, there are security and compliance best...
Even before the pandemic set us on the road to a global recession, many banks were struggling to balance the polarising pressures of a changing world and keeping to business as usual.
On March 11, 2020, the California Attorney General issued another set of revisions to the California Consumer Privacy Act of 2018 regulations. Updates include guidance on IP addresses, privacy policy disclosures, and denying deletion requests. While the regulations address many questions, they still leave much...
To understand and illustrate the benefits, costs, and risks associated with ServiceNow, Forrester interviewed six current Governance, Risk, and Compliance customers to create a representative organization. This organization:
Performed compliance testing and reporting 70% faster
Completed vendor assessments 3 times...
Security leaders in enterprise energy organizations face the challenge of assessing the efficiency of their cybersecurity program, planning proactive risk mitigation, and communicating their posture across all levels of the organization from the Board of Directors to auditors and asset owners.
Read this case study...
As an IT or OT security leader, you must be able to communicate cybersecurity compliance, risk posture, and Return on Security Investment (ROSI) to management. Hundreds of these security leaders have already made the transition to an integrated risk management approach to cyber program management, reconfiguring the...
As many organizations are working to streamline their governance, risk and compliance (GRC) processes, they often encounter gaps in implementation and need to tailor their tools towards their unique industry and specific goals.
Download this guide which highlights how you can optimize your investment in the popular...
There are few regulatory environments more complex and challenging than that of a large public utility serving millions of customers across several states. So when the compliance management team at one such organization required a more streamlined approach to gathering, managing, and complying with hundreds of...
The global nature of business and the presence and impact of cyber adversaries make it an organizational imperative to consistently re-assess the effectiveness of our security practices. Adopting best practices have become essential to consistently managing enterprise risk. Zero Trust offers security practitioners a...
Dora Gomez of the Association of Certified Fraud Examiners discusses why security professionals should set up a framework to deal with changing regulations and threats.
Regulatory compliance and technology innovation are making security more complex, so organizations need to look beyond technical base measures for metrics, says SAI Global's Andrew Bissett.
Information security program development and maintenance continues to reside at the core of good response, incident management and overall information security program capability. In the current landscape, where the cyber threat consists largely of a growing and persistent threat of fraud and the potential for a...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
