The global nature of business and the presence and impact of cyber adversaries make it an organizational imperative to consistently re-assess the effectiveness of our security practices. Adopting best practices have become essential to consistently managing enterprise risk. Zero Trust offers security practitioners a...
Dora Gomez of the Association of Certified Fraud Examiners discusses why security professionals should set up a framework to deal with changing regulations and threats.
Regulatory compliance and technology innovation are making security more complex, so organizations need to look beyond technical base measures for metrics, says SAI Global's Andrew Bissett.
Information security program development and maintenance continues to reside at the core of good response, incident management and overall information security program capability. In the current landscape, where the cyber threat consists largely of a growing and persistent threat of fraud and the potential for a...
A one-off approach to PCI DSS compliance often results in increased risk factors by creating discrepancies in security levels between environments within the shared network. Such an approach can be overcome by focusing on a central governance, risk, and compliance program designed to manage your organization's own...
Given the robust IT infrastructure of most financial institutions, it's easy to conclude that on-site deployment of a governance, risk and compliance (GRC) solution is the way to go. But there are compelling reasons to go with an integrated, cloud-based solution. Efficiency, flexibility and security are just three of...
Financial institutions have historically used a silo-based approach to governance, risk and compliance (GRC), with each group or department focused on specific risks or guidelines. Today, this approach is outdated and highly inefficient.
Financial institutions need to develop a comprehensive risk management...
The bigger the financial institution, the bigger the business. The bigger the business, the more third-party vendors and partners, and thus more regulatory scrutiny. For this reason, it's imperative institutions implement a thorough GRC process to break down organizational silos and provide greater visibility into the...
Ira "Gus" Hunt, a security expert who was formerly CTO at the CIA, analyzes why many large healthcare provider organizations plan to boost cybersecurity spending in 2018 and discusses the role of emerging technologies.
Today's business climate is one of unprecedented regulatory growth, data complexity and cybersecurity concerns. There is a corresponding increase in media attention, customer awareness and Board-level scrutiny.
Organizations must demonstrate that they have a viable process for managing risk and compliance (broadly...
Most organizations have embraced more than one software platform to automate their critical business processes. Platforms are becoming more flexible, allowing users to customize or configure their own applications. As your use cases grow, you may question whether you should leverage an existing platform for your next...
Today's business climate is one of unprecedented regulatory growth, data complexity and cybersecurity concerns. There is a corresponding increase in media attention, customer awareness and Board-level scrutiny. Organizations must demonstrate that they have a viable process for managing risk and compliance (broadly...
The ongoing struggle to protect sensitive credit card data will continue to escalate. One of the requirements used to tackle this problem is the Payment Card Industry Data Security Standard (PCI DSS). However, one of the biggest challenges for PCI DSS compliance initiatives is treating the standard as a unique and...
As enterprises continue to outsource more aspects of their operations to third parties, they expose themselves to more shared risk. It can be a staggering responsibility. Most organizations understand the need to automate vendor risk management activities to keep up with increasing scope and scrutiny. Yet they...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
