
Do You Have a Cybersecurity Problem?

by Glen Segal
December 12, 2014
in Cybersecurity, Risk

When the topic of cybersecurity comes up at your organization, I’m guessing your executives immediately look to the CIO – yourself included. After all, when you’re talking about data, about information access and about the technology needed to keep both safe from unwanted activities, you assume IT has it covered. And your organization isn’t the only one operating under this assumption – far from it.

According to a report by Kroll and Compliance Week, three-quarters of Compliance Officers have no involvement in managing cybersecurity risk. Plus, 44 percent of respondents revealed that their Chief Compliance Officer is only given responsibility for privacy compliance and breach disclosure after a security incident has taken place and plays zero part in addressing the risks beforehand.

Here’s the problem with that approach: many breaches are preventable. According to the 2013 Verizon “Data Breach Investigations Report,” 78 percent of initial intrusions are rated as “low difficulty.” Now, don’t get me wrong: hackers are extremely crafty and are scheming new tactics as I write this. But part of the reason they are able to get their hands on data that isn’t theirs is that organizations simply aren’t prepared.

The blasé “it will never happen to us” mentality still runs rampant, making companies all the more vulnerable to cyber attacks. This is surprising, considering that you don’t have to look far for frightening examples of mammoth data exploitations. Just weeks ago, we all heard about the largest known data breach to date, with a Russian crime ring stealing 1.2 billion usernames and passwords from 420,000 websites. If that doesn’t scare companies straight, I don’t know what will.

However, keeping malicious attacks at bay can feel much like swimming upstream, particularly with the onslaught of mobile devices and the movement to the cloud. According to Cisco’s Global Mobile Data Traffic Forecast, there are almost as many mobile devices (seven billion) on the planet as there are humans – a scary thought, as most lack the proper security and mobile malware grew at a startling rate of 614 percent from 2012 to 2013.

Many companies find themselves either scrambling to secure employees’ mobile devices or resisting the BYOD movement for fear of a security breach. In fact, a McKinsey & Company survey (“The Rising Strategic Risks of Cyberattacks”) found that 70 percent of respondents had delayed the adoption of public cloud computing by a year or more due to security concerns, and 40 percent said such concerns delayed enterprise-mobility capabilities by a year or more.

Rather than holding your organization back from reaping the rewards that mobile and cloud computing have to offer, why not take robust measures to eliminate any weak links, protect your company from cyber risks and ensure your compliance standings aren’t impacted? Here are six places to start:

  • Don’t trust anyone: Just because you choose to partner with a seemingly trustworthy, well-known name doesn’t mean they are doing what’s required to keep your data safe. The 2014 Anti-Bribery and Corruption Benchmarking Report found that only 43 percent of organizations monitor compliance once a third-party relationship has started. Push IT for details on partnership SLAs, encryption levels, DLP integration and other security capabilities.
  • Maintain complete cloud control: Find out exactly where your data will be stored and consider a private cloud deployment to maximize data security. Check out my previous article, “Be a Control Freak When it Comes to Your Enterprise Content” for recommendations on a Compliance Officer’s role when choosing a cloud solution.
  • Put a stake in the ground: You want to make sure that IT carefully manages how employees access and share information. Your company should endorse one mobile file-sharing and collaboration solution for use enterprise-wide. If you don’t, employees could turn to consumer-class file sharing solutions and you lose control over how files are distributed and who has access – a breach in waiting.
  • Make sure what’s lost isn’t found: Every 3.5 seconds someone in the U.S. loses a cell phone. Even if a lost smartphone or tablet does not hold confidential data, it might have apps or cached credentials that make it easy for criminals to hack into your organization’s network. Devices will inevitably get lost along the way, so it’s critical to have remote wiping capabilities to make sure that sensitive data doesn’t get into the wrong hands.
  • Get serious about authentication: You want to give the right users access to the right information at the right time while keeping unauthorized individuals out. For any solutions that touch your confidential data, look for straightforward LDAP/multi-LDAP and AD integration, support for single sign-on and the ability to easily establish and reset password policies.
  • Tell employees you’re watching: You’re likely already conducting internal security audits, so why not share the results with your staff? Communicate anonymous details of who’s accessing what information, when and from where so users know that you’re paying close attention.

Significant cloud and mobile benefits are there for the taking, but you first need to team up with IT to keep your company’s data safe from unwanted eyes. While no one can predict where the next cyber attack will strike, you can do your part to make sure your organization doesn’t become the next breach headline.



Glen Segal

Glen Segal joined Accellion as CFO and Senior Vice President of Finance in December 2002. He has over 20 years’ experience in finance, fund raising strategy and business development. He was a partner at Mercer Management Consulting and has held finance and strategy positions at GE and GE Capital, Nortel Networks and Bay Networks. Prior to joining Accellion, he was CFO of FlowStorm, Inc., where his responsibilities included financial management and planning, fund raising, and administration. He has also served as VP of Finance and Corporate Development at FiberStreet, where he spearheaded multiple initiatives in financing, business development and operations. Mr. Segal holds a BA degree in Economics from Whitman College and an MBA from the University of Chicago.
