cybersecurity (66)

As the grid modernises, the design of utility cybersecurity solutions needs to be rethought to defend against the evolving capabilities of potential attackers. A huge difficulty lies in the selection process of available technologies. This comes with the bigger challenges of implementing and operating these new technologies to harmonise with existing internal utility services. As a result, Smart Grid Forum’s Smart Grid Cybersecurity 2020 conference has been created to solve the strategic, applica

Read more…

In today’s hyper-connected digital age, it’s not unusual for medium to large-sized companies to have hundreds, or even thousands, of third-party suppliers.

This can range from product suppliers, to billing processors, to cloud providers, and a variety of different services.

This large volume of suppliers can pose a challenge for Chief Security Information Officers (CISO) to properly manage risk, especially when personal or confidential data is shared.

A Risky Misconception – Understanding Supplier

Read more…
Not so long ago, the idea of outsourcing critical business functions or IT systems to a third party supplier would have been off limits for many organisations because of the level of risk involved. However today, the use of third party suppliers has increased exponentially, with many organisations outsourcing even core functions of their business. Why? Outsourcing can be financially attractive, efficient and provide competitive advantage.
 
In delegating key processes to third parties, organisatio
Read more…

Going into 2020, businesses are expected to continue the transition from on-premise to cloud.  Many are increasingly adopting a cloud-first strategy, where if possible, they will run their services on a cloud platform vs keeping them in a data center.

And why not? The benefits of moving to the cloud are enormous and the list is long.  They range from – but are not limited to – reduced overheads, improved scalability without the capex costs, and improved efficiencies.  The big one that hangs over

Read more…

Quest Diagnostics is a US-based company that provides medical testing services, and announced that it used third-party billing collection companies that were hit by a severe data breach. In fact, about 11.9 million Quest customers were affected.

The compromised information could include personal data of the patients, including Social Security numbers, as well as medical and financial information. However, laboratory test results aren’t included in the breach.

What Happened?

The AMCA (American Medic

Read more…

Most people do not understand why organizations need dedicated ERM software solutions to manage enterprise risk, but that is only because most people do not understand how vital enterprise risk management can be. Managing risks is simple in our personal lives and for small businesses, because only a few risks need to be worried about. There is no need to quantify and assess these risks, because it is easy to keep track of them all due to their low quantity and small size. However, when we start

Read more…

The automotive cybersecurity market segmentation (on the basis of product type) is further categorized into intrusion detection system (IDS) and intrusion detection and prevention system (IDPS). The IDPS dominated the global automotive cybersecurity market in 2018 and is anticipated to maintain its dominance throughout the forecast period (2019-2029).

Browse the Full TOC "Automotive Cybersecurity Industry"

https://bisresearch.com/industry-report/automotive-cybersecurity-market.html

The automotive c

Read more…

Robert Siciliano on FOX Nation

I recently had the opportunity to join a panel discussion on FOX Nation. We talked about the grid, and how cyber threats could be the next medium for global warfare. I was able to share opinions with fellow experts on privacy, information security and cybersecurity. Please watch and learn why it is so important to take control of your own security, and ultimately your life.

Robert Siciliano, personal security and identity theft expert and speaker, is the author of Identity Theft Privacy: Security P

Read more…

ISACA, a leading nonprofit organization dedicated to the development, adoption, and use of industry-leading information security knowledge and best practices, opened up its 50th anniversary celebration this year with their 2019 North America CACS Conference. I was fortunate enough to be invited to speak to the more than 1,500 cybersecurity professionals in attendance about how to operationalize their cybersecurity programs and turn policy into action.

The North America CACS Conference is the prem

Read more…

A compliance management system has become one of the most important and fundamental concerns for all organizations, specifically financial institutions. With the help of compliance management tracking software, companies are able to track, save and identify data, risk, threat and fraud. This system ensures that the whole organization is in sync and has updates regarding all the happenings and information of the company, where they are also able to respond with their best possi

Read more…

GRC strategies to be made in 2019

GRC refers to Governance, Risk and Compliance, which means ensuring that proper policies and controls are implemented in your organization for the monitoring of risk, and setting up a system of checks and balances if new risk arises. When GRC is incorporated with technology, it helps in implementing proper control, a compliance management system and documentation, and also helps in meeting the objective of an organization. It not only helps in mitigating risk but also in evaluating it and providing best poss

Read more…

Cyber security is one of the top needs that any business can have in today’s world of digitalization, where everything is going online. Companies are maintaining their systems with such hi-tech cyber security that they are hard to breach. Since it’s an online world and a paperless environment, cyber security is a prime concern, because anyone who attacks the system can get into the whole of the company’s information.

According to a recent research report by the World Economic Forum, "90 percent of compan

Read more…
Last Friday, Marriott disclosed that the data of about 500 million guests had been exposed as a result of a hack that dates all the way back to 2014.

In 2014, hackers exploited the reservation system of Starwood Hotels and Resorts, which was acquired by Marriott in 2016. The breach exposed user data that not only included names, phone numbers, email addresses, passport numbers, and dates of birth, but even access to some encrypted credit card data.

As a result of this breach, Marriott may be one o

Read more…

Uber has agreed to pay a hefty $148 million settlement after concealing a data breach in 2016 containing 57 million users’ data. In hopes of preventing this from recurring, it’s time for Uber to reassess their risk management practices, and in turn regain the public’s trust as well.

Although this regulatory problem has resulted in a huge sum of money, this is not the greatest consequence Uber will face due to a risk management failure. The hit on Uber’s reputation is massive. The concept I call

Read more…

GDPR Readiness: How Do You Stack Up?

The GDPR is the strictest set of data protection rules any nation has published, featuring some of the most severe penalties connected to data privacy seen yet. Now that the compliance deadline has passed, we started to wonder about GDPR readiness. How are companies stacking up to the new regulation?

We compiled a host of GDPR statistics to answer that exact question, alongside some quick facts about what this new regulation is asking of international companies. 92% of US-based multi-national com

Read more…

marcus evans will host the 3rd Edition Operational Risk Management and Organizational Transformation for Financial Institutions Conference on September 12-13, 2018 in New York, NY. This annual conference has been one of the most anticipated Operational Risk Management meetings in the industry. This year, we bring together Operational Risk Management & Enterprise Risk Management Professionals to discuss key fundamentals for achieving the utmost efficient operational risk culture. As an expert, in

Read more…

Chief risk officers and heads of operational risk responded to a survey held by Risk.net and identified their top risk concerns. Their number one concern was IT disruption, while their second highest concern was data compromise. Why is cybersecurity risk on everyone’s mind?

For one thing, technology is an inescapable reality of every business. Even the smallest of mom and pop shops have an electronic system to make credit card transactions, while larger corporations rely on immense data centers t

Read more…

What’s worse than a vendor that suffers a data breach that exposes your sensitive customer information? The answer: A vendor that waits almost six months to tell you about it.

That’s the issue that both Sears and Delta Air Lines are facing after a malware attack on each of the company’s online chat services vendors. Hundreds of thousands of customers’ payment information was accessed, including payment card account numbers, expiration dates, names, and addresses, reports Gizmodo. Sears and Delta

Read more…

Does your institution need cybersecurity insurance? Is it required? If utilized, are there rules? Cybersecurity insurance can protect against financial loss in the event of a cyber incident, but there are many intricate details.

The Federal Financial Institutions Examination Council (FFIEC) members have provided a joint statement to help financial institutions understand how cyber insurance impacts risk management and what institutions need to do when considering purchasing cyber insurance. The

Read more…

WSJ Conference on Cybersecurity

There was a conference in NY this week hosted by The Wall Street Journal on Cyber Security. They published a separate section in the NY edition of their newspaper entitled WSJ PRO REPORT – CYBERSECURITY. It is a worthwhile read if you can get your hands on a copy.

This post is a follow up to my December 3rd post ‘GDPR is coming. Are you ready?’. The consensus at the WSJ Cybersecurity conference is ‘NO’, the vast majority of US companies are clearly not paying attention at all. The gist can be fou

Read more…

    About Us

    The GlobalRisk Community is a thriving community of risk managers and associated service providers. Our purpose is to foster business, networking and educational explorations among members. Our goal is to be the world’s premier Risk forum and contribute to better understanding of the complex world of risk.
