Thoughts on Corporate Risk and How Companies are Handling the Challenge
Cyber Risk Success – Best Bet through an Integrated Risk Management Strategy
Recent studies exposed a massive misalignment between security spending and the actual cause of cyber breaches. Two-third of breaches are caused by someone either doing what they shouldn’t or failing to do what they should, yet three-fourths of security spending is on information technology solutions.
Getting Serious About Cyber Risk? The SEC Fails on Several Levels
"I don't know that much about cyber, but I do think that's the number one problem with mankind." Warren Buffett, 2017 Last fall, the new owner of Yahoo’s web business, Verizon, shared that forensic experts had discovered that all 3 billion of Yahoo’s user...
How Conduct Risk and Cyber Risk are Related
Conduct risk management began gaining traction in the financial services industry as a way to minimize the probability of another financial meltdown. The Equifax cyber meltdown exposed the close connection between managing conduct risk and cyber risk.
Safeguarding your Company against Cybersecurity Attacks
Calavista CMO Sloan Foster interviews Founder and CEO Mike Shultz of Cybernance, an industry leader in cybersecurity risk governance.
Equifax 2.0: Massive Aftershocks Result from Breach
In a recent Westlaw Journal article, I shared my conviction that the effects from the massive Equifax breach are only beginning to be felt. I believe this breach will have far reaching effects and perhaps change cyber law forever.
Transition from Technology to Governance – A CISO Strategy for Success
The strong technical background most CISOs bring to their position is a powerful asset, yet it can limit career growth if they fail to transition their perspective from technology to governance.
NY DFS Deadline is Looming. You CAN Speed Up Compliance
Pressure builds as the NY DFS cyber regulation deadline of February 15th approaches. Automation can accelerate meeting the requirements.
Six Cybergovernance Trends to Watch in 2018
Here are six reasons why we think cybergovernance is a something to watch for in 2018.
Tipping Point for Cyber Risk Governance – 2017 was the Year!
Cybersecurity governance moved up during 2017 as the #1 concern of corporate directors.
International Fraud: How aware are we really?
Why aren’t business leaders making cyber risk management a higher priority?
Cybersecurity News
Corporate Law & Governance Update: February 2019
There is a notable increase in governance discourse on the relationship of corporate purpose to sustainable revenue growth, in the context of changing social and political structures.
SecurityScorecard Launches Project Escher to Support Non-Profit Organizations in Fight to Understand Third Party Risk
Leader in Security Ratings Provisions Non-Profits with Complimentary Access to Company’s Platform to Assess Vendor Ecosystem
Cybersecurity and the risk function
Are your information technology, cybersecurity, and risk professionals working together as a championship team to neutralize cyberthreats and protect business value?
NY regulator urges firms to comply with cybersecurity regulation
The final implementation period for the regulation ends March 1, 2019.
Cyber security: This giant blind spot will cost us dear
Cyber attacks are one of the biggest risks facing the world. Our inability to address the underlying issues risks disaster.
Nordstrom Employee Data Breach
High-end retailer Nordstrom is in the process of notifying its employees their data may have been compromised in a breach.
DHS head: ‘Relentless resilience’ will drive collaboration on cybersecurity
As the Department of Homeland Security continues to change the way it handles various cyberthreats the U.S. faces, the agency’s head said it’s focusing on making essential functions provided by critical infrastructure sectors more resilient.
Security breach at Nordstrom exposed sensitive employee data
Seattle-based retailer Nordstrom is notifying employees of an information-security breach that exposed their names, Social Security numbers, dates of birth, checking account and routing numbers, salaries and more.
Survey: Major Brands Value Reduced with Data Breach
A recent study found customers would cease engaging with a brand after it experienced a breach.
MGM’s Oct. 1 legal defense sparks interest across industries
The casino operator is the first company to use the 16-year-old Supporting Anti-Terrorism by Fostering Effective Technologies Act — created in the aftermath of the Sept. 11, 2001, attacks — to counter plaintiffs’ claims.
Make cybersecurity part of your credit union’s fabric
Credit unions continue to fall victim to a variety of cyberattacks, including malware infections, phishing scams, denial-of-service attacks, cryptojacking, and ransomware.
America’s largest diagnostics service LabCorp suffers massive data breach
Security experts have been warning about expected cyber-attacks on healthcare industry since last year’s huge hack-attack on Florida based Medicaid in which private data of nearly 30,000 patients were exposed…. and we have another victim already.
Data breach bigger than Equifax – 340 million personal records exposed
A marketing and data aggregation firm called Exactis may have just leaked the personal information of nearly 340 million U.S. citizens including phone numbers, home addresses, email addresses, interests and even the number, age and gender of their children.
Cyber Risk Governance a Key Responsibility for Boards of Directors
Former SEC Commissioner and former Chief Risk Officer lead an international group of board directors, chief risk officers, and other C-level executives in providing guidance to boards and standards by which external parties can measure board performance on cyber risk governance.
OMB Releases Damning Report on U.S. Govt’s Inability to Counter Cyber Threats
The OMB and DHS found that 71 of 96 agencies have cybersecurity programs that are either at risk or high risk.