The SEC’s Office of Compliance Inspections and Examinations (“OCIE”) recently issued a Risk Alert (the “Alert”) discussing cybersecurity observations from its examinations over time. The Alert did not state the time period of examinations included; however, OCIE has conducted several cybersecurity targeted exams over recent years.
We spoke to John Scimone, Dell’s Chief Security Officer, who runs a converged organization, combining physical and cybersecurity, about how he has personally navigated a culture of convergence and digital transformation at Dell.
In fact, HIPAA penalties do distinguish degrees of “not knowing,” yet that doesn’t mean - like the traffic violation above - that a hefty fine still won’t land in your lap. Can your company deal with even a $50,000 (per violation) hit to the pocketbook? Here’s the breakdown of potential penalties per OCR (Office of Civil Rights) discretion, as noted in the HIPAA Journal.
Seven in every ten CISOs (71%) believe cyberwarfare is a threat to their organization, and yet just over a fifth (22%) admit to not having a strategy in place to mitigate this risk. This is especially alarming during a period of unprecedented global disruption, as half of infosec professionals (50%) agree that the increase of cyberwarfare will be detrimental to the economy in the next 12 months.
Using memes as propaganda, employing sophisticated communication networks for both planning and recruiting, making use of both fringe and private online forums, and organizing militias to inspire lone wolf actors to violent action have become tried-and-true tactics of extremist online communities seeking to expand their influence in recent years.
According to the Network Contagion Research Institute (NCRI) report presented by the Rutgers Miller Center for Community Protection and Resilience, “Network-Enabled Anarchy: How Militant Anarcho-Socialist Networks Use Social Media to Spread Violence Against Political Opponents and Law Enforcement,” militant and extremist groups have taken to social media and online forums to plant hateful, anti-Semitic and/or revolutionary ideas in the public eye, often disguised with humor or coded language.
No matter how much the economic situation changes, prompt detection and response to cyber threats must remain a core priority for your organization. The ability to spot and address incidents in their early stages will help you avoid data breaches and their unpleasant consequences, including business downtime, lost revenue, costly security investigations and fines from regulatory bodies. As a result, you can save your budget for mission-critical tasks that will bring your organization value in the long run.
Why are CISOs constrained from delivering metrics at scale and why is producing good security metrics so difficult? Here, find out what the five stages of security metrics maturity are, and how you can achieve a mature security metrics program.
At NRF Protect this morning, loss prevention professionals discuss their tactics regarding COVID-19 response and the role of their departments in the organization.
The 2020 Cybersecurity Perception Study finds most people still don’t view cybersecurity as a career field for themselves, even as nearly one-third (29%) of respondents say they are considering a career change.
As documented in Dirceu Santa Rosa’s article for the IAPP’s Privacy Tracker, efforts to delay the effective date of Brazil’s General Data Protection Law – Lei Geral de Proteção de Dados or LGPD – recently failed, and the law is expected to go into force in the coming days. Brazil’s federal government also published a decree approving the regulatory structure of the Autoridade Nacional de Proteção de Dados, i.e., Brazil’s national data protection authority.