Tagged: cybersecurity

Webinar: Building an Effective Cybersecurity Governance and Risk Mitigation Program

July 30, 2024, 12 Noon EST. Companies have identified cybersecurity risks as the number one threat to their organizations. Companies are experiencing an increasing number of cybersecurity incidents. As a result, companies face serious regulatory enforcement actions, reputational harm and collateral damage. To mitigate these risks, companies have to build an effective cybersecurity program, including governance requirements, policies and procedures, and comprehensive...

Episode 326 — Dottie Schindlinger on Diligent’s Report on Board Oversight of Cybersecurity

Diligent recently released an important report — Cybersecurity, audit, and the board: How does board oversight impact cybersecurity performance? Diligent’s Report includes several key findings on the importance of Board oversight to cybersecurity performance. Dottie Schindlinger, Executive Director of Diligent Institute, the global corporate governance research arm of Diligent, joins us to discuss the report and its key findings.

Dancing on the Head of a Pin: Corporate Boards, Committees and Cybersecurity Risk Management

No one was surprised when compliance and risk publications cited cybersecurity as the number one risk that corporations face today. While this is a relatively simplistic and headline-grabbing statement, the truth remains that corporate boards should have cybersecurity in their Top-3 List of corporate risks facing the organization. Like everything in life, it is one thing to identify the risk — it is quite...

NIST Adopts New 2.0 Cybersecurity Framework

In the absence of federal cybersecurity and data privacy laws, companies have to look to other sources of guidance, including industry standards, and state laws.  The National Institute of Standards and Technology (“NIST”) has sought to fill some of the large gaps on the issue of cybersecurity.  Enforcement agencies often cite the NIST Framework as an important barometer of an organization’s commitment to cybersecurity risks...

Justice Department Focuses on Artificial Intelligence Assisted Crime

In the face of rapid technology changes, the Department of Justice usually has to play catch up.  When cryptocurrency and blockchain entered the United States economy, the Justice Department played catch up.  Fraudsters and other criminals innovate and embrace new technologies to prey on victims.  The Justice Department usually catches up but there is often a lag as “innovative” criminals gain certain market advantages.  DOJ...

Top Five Risks Facing Corporate Boards

A Top 5 list should be viewed with suspicion — it is often just a headline-grabbing post with the clear purpose of gaining readers’ attention. In defense, however, it is interesting to compare articles on risk rankings. To start with the obvious, corporate boards face growing risks — the economy, the regulatory environment, cybersecurity threats, technology developments and stakeholder interests are all colliding and...

SEC Sues SolarWinds and its CISO for Fraud Over Botched Data Breach Response, Marking New Era in Cyber Enforcement

The U.S. Securities and Exchange Commission has a message for publicly-traded companies that suffer a data breach: own up. On Monday, the SEC sued Texas-based SolarWinds––and its Chief Information Security Officer (“CISO”)––for defrauding investors by allegedly failing to disclose known security risks in public filings. This marks the SEC’s first ever enforcement action against an individual corporate officer over their mishandling of a data breach––but...

Episode 282 — The Evolving Partnership: Compliance and Cybersecurity

If you ask corporate board members and senior executives to list their number one risk (other than financial operations), the answer in today’s risk environment is clear – cybersecurity and data privacy.  The rapid elevation of this risk is reflected in weekly headlines announcing ransomware, cyber-attacks and data breaches. Companies that have experienced a cyber-attack are forever changed.  The board and senior executive team quickly...

Webinar: Cybersecurity and Compliance — A New Path Forward

July 25, 2023, 12 Noon EST. Companies face a broad array of cybersecurity risks — from internal actor mistakes to sophisticated ransomware attacks. Chief Information Security Officers (“CISOs”) are being asked to mitigate these risks. Luckily, Chief Compliance Officers (“CCOs”) have become natural partners for CISOs, and are collaborating to design and implement effective governance...

New York’s Department of Financial Services Proposes New Cyber Compliance Requirements

The New York Department of Financial Services (“DFS”) has proposed rule changes to increase cyber compliance requirements. DFS has been the leading regulatory force in the cybersecurity industry.  DFS first issued comprehensive cybersecurity rules in March 2017.  Many other regulators and international organizations have adopted many of these regulations as best practices for cybersecurity requirements. The proposed rules would impose some significant requirements, including: Expansion...