Yearly Archives: 2017

Too Big to Fall? Cyberattacks Claim Some Surprising Victims in September

First it was Equifax with over 140 million accounts compromised. Then it was the SEC whose EDGAR public-company filing system was breached. Then came Deloitte who revealed that hackers may have accessed the sensitive details of several blue-chip clients. Apparently, no one is immune to a cyberattack any longer—not even the regulatory watchdog that’s been […]

How IT Can Leverage AI to Prevent Major Cybersecurity Incidents

The need for artificial intelligence (AI) in IT governance, risk and compliance (GRC) is growing quickly. As companies expand their digital footprints, cybersecurity vulnerabilities worsen due to an increased amount of data being produced from IT security monitoring and performance tools. At its recent Ignite 2017 conference, Microsoft revealed its plans for further incorporating artificial […]

3 mega trends transforming governance, risk and compliance

What three mega-trends are shaping business actions and objectives, and how can they impact GRC professionals’ roles? In the 15 years since the term governance, risk and compliance (GRC) was coined, a lot has changed. Once managed as separate initiatives, the three processes are more entwined than ever and are playing a prominent role in […]

Like Humpty Dumpty’s fall from the wall, a major data breach can crack a government

When governments suffer data leaks, the traditional fallout of breaches is combined with political scandal: the impact is multiplied and scrutiny magnified. Questions are asked around why information was withheld or, if announced soon after discovery, why it took so long to uncover. Just as a business suffers reputation damage after a breach, the […]

Compliance Meaningfulness: Hard to Achieve, Easy to Destroy

In an article titled "What Makes Work Meaningful - Or Meaningless" by Catherine Bailey and Adrian Madden (MIT Sloan Management Review, Summer 2016), the authors focus upon what makes our work meaningful, with research conducted across multiple industries and responsibilities. While their findings are presented as relevant to the overall workforce, the compliance implications are significant and […]

No, There Won’t Be New Rules On Cybersecurity – Until Someone Dies

Recently, I did an interview with Bloomberg Newsweek on the WannaCry ransomware attack that affected over 200,000 computers around the world. The attack shut down parts of the U.K. National Health Service, leaving thousands of people without access to healthcare services, and resulted in Renault’s assembly lines being shut down in France, among other things. Newsweek […]

Mitigating Cyberattacks: The Prevention and Handling

New tools and technologies help companies in their drive to improve performance, cut costs and grow their businesses, but as companies adopt cloud services in greater numbers and refine internal processes for development and operations, security considerations must be front and center. As companies rapidly adopt Cloud with a DevOps approach to rapid […]

Ransomware Cyber-Attacks: Best Practices and Preventive Measures

“WanaCrypt0r 2.0” or “WannaCry,” an unprecedented global ransomware cyber-attack recently hit over 200,000 banking institutions, hospitals, government agencies, and other organizations across more than 150 countries. The ransomware encrypted user data, and demanded a payment in bitcoins to unlock the data. The companies that were hit included Telefonica – Spain’s largest telecom provider, […]

Uncover and Mitigate Third-Party Risks

Third parties have become an integral part of any business operation. However, the threats and issues arising from third-party engagements require enterprises to gain an in-depth understanding of their entire global third-party ecosystem. Failing to curb third-party risks can lead to severe reputational damage and loss of stakeholder and customer trust, but assessing third parties […]