Saturday, March 6, 2021
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
    • Compliance & Risk
    • Information Security
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
    • Compliance & Risk
    • Information Security
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Data Privacy

New Year’s Resolutions: Cybersecurity Should Be at the Top of Your List for 2019

by Steve Durbin
December 21, 2018
in Data Privacy, Featured
red open padlock beside blue closed padlocks, concept of security threat

3 Emerging Areas of Concern

Information Security Forum recently released “Top Emerging Threats for 2019,” an annual outlook on the top global security threats businesses may face in the coming year. ISF’s Steve Durbin provides insight into some of the most pressing threats organizations should be aware of.

It’s that time of year again – time for each and every one of us to reminisce on the past year and make resolutions for how we can do better in the year ahead.

In the year ahead, organizations must prepare for the unknown so they have the flexibility to endure unexpected and high-impact security events. To take advantage of emerging trends in both technology and cyberspace, businesses need to manage risks in ways beyond those traditionally handled by the information security function, since innovative attacks will most certainly impact both business reputation and shareholder value.

Based on comprehensive assessments of the threat landscape, the Information Security Forum recommends that businesses focus on the following security topics in 2019:

  • The Increased Sophistication of Cybercrime and Ransomware
  • The Impact of Legislation
  • Smart Devices Challenge Data Integrity

We’ve provided an overview for each of these areas below:

The Increased Sophistication of Cybercrime and Ransomware

Criminal organizations will continue their ongoing development and become increasingly sophisticated. Some organizations will have roots in existing criminal structures, while others will emerge focused purely on cybercrime. Organizations will also struggle to keep pace with this increased sophistication, and the impact will extend worldwide, with malware in general and ransomware in particular becoming the leading means of attack.

While overall damages arising from ransomware attacks are difficult to calculate, some estimates suggest that there was a global loss in excess of $5 billion in 2017. On the whole, the volume of new mobile malware families grew significantly throughout 2017 – in particular, mobile ransomware. This should be expected to continue in 2019. Email-based attacks such as spam and phishing (including targeted spear phishing) are most commonly used to obtain an initial foothold on a victim’s device. Cybercriminals behind ransomware will shift their attention to smart and personal devices as a means of spreading targeted malware attacks.

The Impact of Legislation

National and regional legislators and regulators that are already trying to keep pace with existing developments will fall even further behind the needs of a world eagerly grasping revolutionary technologies. At present, organizations have insufficient knowledge and resources to stay apprised of current and pending legislation. Additionally, legislation by its nature is government- and regulator-driven, resulting in a move toward national regulation at a time when cross-border collaboration is needed. Organizations will struggle to keep abreast of such developments, which may also impact business models that many have taken for granted. This will be of particular challenge to cloud implementations, where understanding the location of cloud data has been an oversight.

Smart Devices Challenge Data Integrity

Organizations will adopt smart devices with enthusiasm, not realizing that these devices are often insecure by design and, therefore, offer many opportunities for attackers. In addition, there will be an increasing lack of transparency in the rapidly evolving IoT ecosystem, with vague terms and conditions that allow organizations to use personal data in ways customers did not intend. It will be problematic for organizations to know what information is leaving their networks or what is being secretly captured and transmitted by devices such as smartphones, smart TVs or conference phones. When breaches occur or transparency violations are revealed, organizations will be held liable by regulators and customers for inadequate data protection.

A Continued Need to Involve the Board

The role of the C-Suite has undergone significant transformation over the last decade. Public scrutiny of business leaders is at an all-time high, in part due to massive hacks and data breaches. It’s become increasingly clear in the last two years that in the event of a breach, the hacked organization will be blamed and held accountable.

The executive team sitting at the top of an organization has the clearest, broadest view. A serious, shared commitment to common values and strategies is at the heart of a good working relationship between the C-suite and the board. Without sincere, ongoing collaboration, complex challenges like cybersecurity will be unmanageable. Covering all the bases — defense, risk management, prevention, detection, remediation and incident response — is better achieved when leaders contribute from their expertise and use their unique vantage point to help set priorities and keep security efforts aligned with business objectives.

Incidents will happen, as it is impossible to avoid every breach. But you can commit to building a mature, realistic, broad-based, collaborative approach to cybersecurity and resilience. Maturing your organization’s ability to detect intrusions quickly and respond expeditiously will be of the highest importance in 2019 and beyond.


Tags: data breachinformation securityinternet of things (IoT)ransomwarereputation risk
Previous Post

The 2019 TRACE Bribery Risk Matrix Rankings for Asia-Pacific

Next Post

10 Ways to Improve Your Risk Assessment Process

Steve Durbin

Steve Durbin is Managing Director of the Information Security Forum (ISF). His main areas of focus include strategy, information technology, cybersecurity and the emerging security threat landscape across both the corporate and personal environments. Previously, he was Senior Vice President at Gartner.

Related Posts

green and red location markers on map

FinCEN’s Registry Will Be a Game-Changer. It Will Also Place an Added Burden on Corporations.

March 5, 2021
illustration of man under giant gavel

BitPay’s $507K OFAC Sanctions Violations Settlement

March 4, 2021
The facade of the SEC in Washington, D.C.

Prepare Now to Comply with SEC’s Updated MD&A and Related Financial Disclosure Requirements

March 3, 2021
Illustration representing a facial recognition technology scan of a face.

Facial Recognition Technology in the Workplace: Employers Use It, Workers Hate It, Regulation Is Coming for It

March 3, 2021
Next Post
rising arrow on staircase

10 Ways to Improve Your Risk Assessment Process

OneTrust offers download to demonstrate privacy management leadership
Access realtime data
Top 10 Risk and Compliance Trends

Special Coverage

Special COVID page graphic

Jump to a Topic:

anti-corruption anti-money laundering/AML Artificial Intelligence/A.I. automation banks board of directors board risk oversight bribery CCPA/California Consumer Privacy Act Cloud Compliance communications management Coronavirus/COVID-19 corporate culture crisis management cyber crime cyber risk data analytics data breach data governance decision-making diversity DOJ due diligence ESG fcpa enforcement actions financial crime GDPR GRC HIPAA information security KYC/know your customer machine learning monitoring ransomware regtech reputation risk risk assessment Sanctions SEC social media risk technology third party risk management tone at the top training whistleblowing
No Result
View All Result

Privacy Policy

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • RSS Feed

Category

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Whitepapers

© 2019 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
  • Articles
  • Vendor News
  • Podcasts
  • Videos
  • Whitepapers
  • eBooks
  • Events
  • Jobs
  • Subscribe

© 2019 Corporate Compliance Insights