“Civil” War in the Workplace

Posted by - October 27, 2017
While most employers establish policies to promote a civil workplace, the NLRB has instituted new roadblocks, declaring that many of these policies violate federal law. Employers nationwide may now be in violation of these new federal regulations, but there remain a few steps employers can take to align with the…

Defending Against Cybercrime

Posted by - May 2, 2017
Network security breaches are never far from the headlines, making cybersecurity a priority for many organizations. In order to protect information from theft, damage and disruptions, organizations must keep their network security up to date, using the best practices and procedures. This article will look deeper into how the enemy…

M&A in the Age of Data

Posted by - January 5, 2017
When it comes to M&A due diligence, having strong cybersecurity is increasingly important, even beyond breach detection. For the acquiring organization, the primary fear is an unrecognized data breach, but detecting breaches is often difficult. Enterprises in the midst of – and immediately following – a merger are vulnerable, but…

How Does Privacy by Design Work in Practice?

Posted by - December 14, 2016
Sweeping new privacy regulations require companies to incorporate protections for personal data into the design of their products and processes — but the law is vague on implementation. Learn how leading assurance professionals and companies are putting these new requirements into practice.

GDPR is About to Make Everyone a European

Posted by - December 12, 2016
New EU data protection regulations are set to come into force in 2018 and will apply to all companies doing business with European customers, no matter where in the world they are. This major development is set to change the data protection landscape, and it should be the top priority…

Cyber Crime is Professional

Posted by - December 7, 2016
This year, we’ve seen some significant, high-profile cyber crime, from email hacks to cyber bank theft. Because the attackers and the attacks have become increasingly sophisticated, businesses must take a more proactive approach to cybersecurity. It’s more effective these days to go looking for threats than to stumble upon them…

Bank Regulators Issue Proposed Rules on Cybersecurity Controls

Posted by - December 6, 2016
Three bank regulators issue proposed rules on cybersecurity controls to help protect financial institutions from cyber attacks. Patty Tehrani explores the potential impact of the new rules, including the various proposed changes and the types of organizations that should be preparing.

What You Need to Know about the New PCI Standard

Posted by - November 10, 2016
The new payment card data security standard went into effect November 1, 2016. Some of the changes may require significant effort to achieve and could result in companies being out of compliance for an extended period of time. Now is the time to review your control environment and begin filling…

Increasing Cyber Attacks Prompt More Regulations

Posted by - October 18, 2016
State and federal regulators are issuing formal cybersecurity requirements to replace recommended guidance and expanding examinations of companies' cybersecurity readiness. New York just issued formal cybersecurity requirements that may serve as the blueprint for other states to follow. Is your program ready for these requirements?

FFIEC Releases Updates to Information Security Booklet

Posted by - October 6, 2016
Data security has become a vital piece of any good compliance management system. In the financial services industry, we still have not received clear regulation around what protocols are necessary, nor a bright line rule defining what data protection requirements are essential to be considered compliant, so we welcome any…