Cybergovernance Journal Update – 11/27/2015

by | Nov 27, 2015

As more breaches happen and shareholder lawsuits follow, discovering how your organization as a whole, not just the technology team, deals with cybersecurity grows in importance. Directors must also understand how data must be handled in order to combat global espionage that is growing with the rise of global workforces.

Mapping Cybersecurity: Discover Hidden Structures in Your Org Chart

Cybergovernance Journal, Nov. 25
The real problem with security is that assuming that cybersecurity is the exclusive domain of technologists. Human resources, procurement, risk management should be well informed and actively involved in creating the firm’s security posture. If they aren’t, then your organization is operating with significant blind spots in a risky environment. It is time to expand the scope of cybersecurity to the other critical stakeholders in your firm.

Read Article

Shareholders: Expect More Cybersecurity Lawsuits in 2016

PropertyCasualty360, Nov. 19
A survey of 276 board members by NYSE Governance Services and security firm Veracode found 60% of respondents expect an increase in shareholder lawsuits against companies due to cybersecurity issues, while 72% expect more cyber-related regulation in the near future.

Read Article

7 Most Important Questions for Directors of Companies Dealing with Data

SiliconRepublic, Nov. 24
Cyber liability, cybersecurity and information governance are terms that directors are becoming more aware of due to high-profile data security breaches. Where there is liability, there is a corresponding responsibility for that liability. As the duties of directors come increasingly under the microscope, it is clearly in the interests of directors to ensure that they understand their responsibilities in this area.

Read Article

Hilton Acknowledges Credit Card Breach

Krebs on Security, Nov.15
Hilton said the data stolen includes cardholder names, payment card numbers, security codes and expiration dates, but no addresses or personal identification numbers (PINs). The announcement from Hilton comes just five days after Starwood Hotel & Resorts Worldwide — including some 50 Sheraton and Westin locations — was hit by a similar breach that lasted nearly six months.

Read Article

Learn a New Word: Timestomping

SC Magazine, Nov. 23
Researchers at Damballa have discovered a toolset that may have helped the Destover and Shamoon malware remain undetected when they used to hack Sony and Saudi Aramco. Two new utilities were found that could stealthily move through a network work. Both enabled the Sony and Saudi Aramco hackers to avoid detection and stay inside the compromised systems for months.

Read Article

Economic Espionage: The Global Workforce and the Insider Threat

Security Intelligence, Nov. 20
The insider threat is a very real phenomenon that’s worthy of attention regardless of your organization’s size. The IBM 2015 Cyber Security Intelligence Index report provided sobering numbers: 31.5 percent of data breaches are attributable to malicious insiders and 23.5 percent are due to insider errors or non-adherence to process and policies that lead to inadvertent data breaches or disclosures.

Read Article

Be notified of new Journal entries in your email box or Follow us on Twitter.