Cybersecurity Governance News – 3/11/16
Personal and corporate liability for breaches is a hot topic, and the financial industry is taking action. The medical industry is lagging, with hospitals remaining easy targets for hackers; HIPAA compliance, however, is important as the Office of Civil Rights is performing random audits.
The State of Security, Mar. 3
Hackers spend days, maybe weeks figuring out ways to get onto a network or social engineer a way into a building so they can seed their malware. It would literally take them five minutes in most hospitals across the United States. All they would need to do is…
Cybergovernance Journal, Feb. 29
Personal and corporate liability for breaches is a hot topic. The current buzzword in board discussions is “active engagement.” Terri Curran: “I’ve been in boardroom meetings where as soon as the CISO’s metrics presentation flashed on screen, eyes rolled heavenward and email was surreptitiously checked.”
TechTarget, Mar. 3
Compliance metrics are pretty straightforward based on the external contractual and regulatory compliance requirements of the organization. PCI DSS, NIST 800-53—lots of requirements provide great metrics as part of execution.
National Law Review, Feb. 29
The 2016 examinations will be looking at structural risks and trends that may involve multiple firms or entire industries. The examinations will include the testing and assessment of the implementation of procedures and controls at target companies…
JDSupra Business Advisor, Mar. 1
Starting March 1, all commodity pool operators, commodity trading advisors, futures commission merchants, retail foreign exchange dealers, investment brokers, major swap participants and swap dealers that are National Futures Association (NFA) member firms (together the Covered Parties) must have one…