Tagged: cybersecurity

The Board’s Perspective: Wrapping Your Arms Around Risks

This week I attended the Diligent Elevate annual meeting in Houston, Texas. For those of you who don’t know Diligent, it is a great event where you can meet risk and compliance professionals, board members, and lawyers. Diligent conducted numerous board education sessions at which board members spoke about new and significant risks; these included increased stakeholder expectations and the burdensome review of education and...

SEC Suffers Major Blow in Securities Fraud Case Against SolarWinds

A New York federal district judge handed down a significant decision dismissing much of the SEC’s securities fraud enforcement action against SolarWinds, which arose from the SEC’s claims about SolarWinds’ cybersecurity policies and its disclosure of a significant cyberattack against the SolarWinds network. In an unprecedented case, the SEC alleged that SolarWinds, which went public in 2018, misled the public as to the effectiveness of its cybersecurity...

Webinar: Building an Effective Cybersecurity Governance and Risk Mitigation Program

July 30, 2024, 12 Noon EST. Companies have identified cybersecurity risks as the number one threat to their organizations. Companies are experiencing an increasing number of cybersecurity incidents. As a result, companies face serious regulatory enforcement actions, reputational harm and collateral damage. To mitigate these risks, companies have to build an effective cybersecurity program, including governance requirements, policies and procedures, and comprehensive...

Episode 326 — Dottie Schindlinger on Diligent’s Report on Board Oversight of Cybersecurity

Diligent recently released an important report: Cybersecurity, audit, and the board: How does board oversight impact cybersecurity performance? Diligent’s report includes several key findings on the importance of board oversight to cybersecurity performance. Dottie Schindlinger, Executive Director of Diligent Institute, the global corporate governance research arm of Diligent, joins us to discuss the report and its key findings.

Dancing on the Head of a Pin: Corporate Boards, Committees and Cybersecurity Risk Management

No one was surprised when compliance and risk publications cited cybersecurity as the number one risk that corporations face today. While this is a relatively simplistic and headline-grabbing statement, the truth remains that corporate boards should have cybersecurity in their Top-3 List of corporate risks facing the organization. Like everything in life, it is one thing to identify the risk — it is quite...

NIST Adopts New 2.0 Cybersecurity Framework

In the absence of federal cybersecurity and data privacy laws, companies have to look to other sources of guidance, including industry standards, and state laws.  The National Institute of Standards and Technology (“NIST”) has sought to fill some of the large gaps on the issue of cybersecurity.  Enforcement agencies often cite the NIST Framework as an important barometer of an organization’s commitment to cybersecurity risks...

Justice Department Focuses on Artificial Intelligence Assisted Crime

In the face of rapid technology changes, the Department of Justice usually has to play catch up.  When cryptocurrency and blockchain entered the United States economy, the Justice Department played catch up.  Fraudsters and other criminals innovate and embrace new technologies to prey on victims.  The Justice Department usually catches up but there is often a lag as “innovative” criminals gain certain market advantages.  DOJ...

Top Five Risks Facing Corporate Boards

A Top 5 list should be viewed with suspicion — it is often just a headline-grabbing posting with the clear purpose of gaining readers’ attention. In defense, however, it is interesting to compare articles on risk rankings. To start with the obvious, corporate boards face growing risks — the economy, the regulatory environment, cybersecurity threats, technology developments and stakeholder interests are all colliding and...

SEC Sues SolarWinds and its CISO for Fraud Over Botched Data Breach Response, Marking New Era in Cyber Enforcement

The U.S. Securities and Exchange Commission has a message for publicly-traded companies that suffer a data breach: own up. On Monday, the SEC sued Texas-based SolarWinds, and its Chief Information Security Officer (“CISO”), for defrauding investors by allegedly failing to disclose known security risks in public filings. This marks the SEC’s first-ever enforcement action against an individual corporate officer over their mishandling of a data breach, but...

Episode 282 — The Evolving Partnership: Compliance and Cybersecurity

If you ask corporate board members and senior executives to list their number one risk (other than financial operations), the answer in today’s risk environment is clear – cybersecurity and data privacy.  The rapid elevation of this risk is reflected in weekly headlines announcing ransomware, cyber-attacks and data breaches. Companies that have experienced a cyber-attack are forever changed.  The board and senior executive team quickly...