Initial reports suggested that Russian hackers could behind an attack against JPMorgan Chase, and perhaps other U.S. banks. While it's still far from clear who the culprits are, experts discuss the potential hacking motivations of a nation-state.
Organizations collect a wealth of information as part of their governance, risk and compliance programs, and security professionals are missing out on important insights if they don't take advantage of it.
TD Bank has been ordered to pay $52.5 million in penalties for violations of the Bank Secrecy Act and securities laws as a result of failing to file timely suspicious activity reports related to nearly $1 billion worth of transactions.
Automating governance, risk and compliance reduces vulnerabilities that can have an adverse impact on the bottom line, says Sergio Thompson-Flores, chief executive of Modulo, a provider of GRC offerings.
The penalties paid out by HSBC and Standard Chartered Bank for violations to money-laundering regulations should serve as a wake-up call, says Kevin Sullivan. In fact, banking institutions should brace for more fines.
The Defense Department will employ a two-prong approach - securing the perimeter as well as the data - as it develops its cloud-computing architecture. "We're going to be able to better protect as we get more standardized," CIO Teresa Takai says.
Organizations taking proper preventative measures realize a cost savings of nearly 25 percent over those that don't, an analysis of a survey sponsored by Hewlett-Packard reveals. Still, the study shows, it takes longer to resolve cyberattacks than it did a year ago.
From mobile devices to social media and cloud computing, IT governance is all about risk management. "You can't de-risk everything, but you can de-risk the majority of circumstances you will see in normal operations," says governance expert Robert Stroud.