Cybersecurity

Organizations want to embrace all the benefits the cloud has to offer while still protecting their sensitive data. Engaging a cloud provider who practices security by design is a good first step, it’s far from the first one. Greg Tatham...

The FTC says Drizly’s CEO James Cory Rellas was alerted to a potential security loophole two years before a data breach exposed the personal information of 2.5 million customers of the alcohol delivery service. So egregious were Rellas’ actions, according...

Perhaps once distinct teams within organizations, security and compliance functions today go hand-in-hand — or at least they should, writes Sumo Logic CSO George Gerchow. Data breaches continue to wreak havoc on today’s enterprise, with rising stakes of both cost...

In our hyper-connected world, just about every company is a tech company. As commerce and technology become increasingly intertwined, it’s even more important for senior executives and board members to ensure they have basic technological understanding, and Protiviti’s Jim DeLoach...

Cyber threats against organizations of all sizes are only rising as scammers and fraudsters become more and more sophisticated. Kyung Kim and Sara Sendek of FTI Consulting dig deep into the recently released CISA strategic plan for tips on adopting...

In decades past, independence (a flawed measure even in good times) was considered the gold standard of audit. But Strike Graph’s Justin Beals argues that it’s well past time to catch up with technology and instead rely on transparency as...

As the sophistication level of cyber attackers continues to rise, there’s probably not a business on Earth that isn’t at risk. While the day-to-day management of the cyber threat falls to others, as Protiviti’s Jim DeLoach explores, company boards need...

Let’s face it: Nobody wants to be audited. For the average Joe, an IRS audit is a hassle (at best). And in the corporate world, the word itself is sure to draw ire. But Drata’s Troy Fine talks about the...

We don’t know exactly what will be in the upcoming national cybersecurity strategy. But, as FTI Consulting’s Anthony J. Ferrante explains, the policy will almost certainly be an improvement on the status quo. National Cyber Director Chris Inglis has said...

We know that compliance doesn’t necessarily equal security and that training employees is vital to preventing cyber attacks. But a poorly trained worker is the same as one not trained at all, and in too many tech companies, training isn’t...

The reputational damage and compliance failures that result from a data spillage incident are well-known, and as the volume of information companies collect continues to rise, those risks are only going to increase. ActiveNav’s Rich Hale offers simple advice that...

As a former chief privacy officer (CPO) of a publicly traded commercial real estate services firm, Maria D’Avanzo worked in close partnership with her company’s chief information security officer (CISO). They had regular meetings, shared information and issued joint messages...