Cybergovernance Journal Update – 8/19/16

by | Aug 19, 2016

Keeping up with every external threat to your organization can be a Sisyphean task. Ensuring your company’s cyber resilience by focusing on internal practices in addition to physical infrastructure is achievable.

Cybersecurity a Risk for Boards of Directors

National Defense Magazine, August 18
Corporate directors generally owe their companies duties of good faith, care and loyalty. To address the challenges presented by cybersecurity risks and assist directors in demonstrating that they have met their fiduciary duties, boards should be actively engaged in the development and oversight of companies’ cybersecurity strategy…

Read Article

Making Cybersecurity a High Priority in M&A Due Diligence

CIO, August 8
How often do the buyers take thaat long, hard look at a seller’s cybersecurity capabilities these days? The short answer is, not often enough. Due diligence needs to serve as an offensive strategy that includes a rigorous cybersecurity assessment, to make sure the buyer gets the value it’s paying for…

Read Article

If Security Breaches Are Inevitable, What Are Businesses to Do?

City A.M., August 16
Joining up all the information and metrics from individual technologies to measure security success is a real challenge. External reviews of security defenses are typically either broad but not deep – assessing whether policy is being followed, but not how effective it is – or deep but siloed – assessing a single technical area…

Read Article

NSA Use of Software Flaws for Hacking Posed Risk to cybersecurity

Chicago Tribune, August 17
Former NSA personnel say that when they worked at the agency, there was an aversion to disclosure. “While I was there, I can’t think of a single example of a zero-day [flaw]” used by the agency “where we subsequently said, ‘OK, we’re done with it and let’s turn it over to the defensive side so they can get it patched,’ ” said the former employee…

Read Article

FDIC’s View of Cybersecurity and Lessons Learned for All Industries

CTOvision, August 15
Information security is pertinent to all businesses in all industries and across all levels of government. Some do it well and some do it poorly. All should seek to learn lessons, and this post dives into an organization that is recovering from the fail side of the equation, the Federal Deposit Insurance Corporation (FDIC)…

Read Article

FFIEC Assessment Saves Significant Time

Cybergovernance Journal, August 15
“We recognized the challenges that financial institutions face in implementing the comprehensive FFIEC guidelines,” said Charlie Leonard, VP Products at Cybernance Corporation. “Automating the collaboration required to complete a comprehensive assessment significantly reduces the time it takes.”

Read Article

Be notified of new Journal entries in your email box or Follow us on Twitter.