Security leaders in enterprise energy organizations face the challenge of assessing the efficiency of their cybersecurity program, planning proactive risk mitigation, and communicating their posture across all levels of the organization from the Board of Directors to auditors and asset owners.
Read this case study...
As an IT or OT security leader, you must be able to communicate cybersecurity compliance, risk posture, and Return on Security Investment (ROSI) to management. Hundreds of these security leaders have already made the transition to an integrated risk management approach to cyber program management, reconfiguring the...
The global nature of business and the presence and impact of cyber adversaries make it an organizational imperative to consistently re-assess the effectiveness of our security practices. Adopting best practices have become essential to consistently managing enterprise risk. Zero Trust offers security practitioners a...
Dora Gomez of the Association of Certified Fraud Examiners discusses why security professionals should set up a framework to deal with changing regulations and threats.
Regulatory compliance and technology innovation are making security more complex, so organizations need to look beyond technical base measures for metrics, says SAI Global's Andrew Bissett.
Information security program development and maintenance continues to reside at the core of good response, incident management and overall information security program capability. In the current landscape, where the cyber threat consists largely of a growing and persistent threat of fraud and the potential for a...
Look at information security through the lens of business risk, and you'll begin to make decisions about security in light of their impact on the business. With security threats emerging faster than ever, what information is most important to protect? What happens if it's not protected? What strategic business...
Mobile capture is quickly becoming an important differentiator for many companies and organizations, especially those in traditionally document-intensive fields like banking, insurance, healthcare and government operations. According to a 2014 study conducted by AIIM, 45% of companies feel that mobile capture is...
Organizations collect a wealth of information as part of their governance, risk and compliance programs, and security professionals are missing out on important insights if they don't take advantage of it.
TD Bank has been ordered to pay $52.5 million in penalties for violations of the Bank Secrecy Act and securities laws as a result of failing to file timely suspicious activity reports related to nearly $1 billion worth of transactions.
Organizations generally do a good job focusing on governance, risk and compliance. But breaches add up, and LockPath CEO Chris Caldwell wonders "Where is the 'S' in GRC?" - where is the security?
Automating governance, risk and compliance reduces vulnerabilities that can have an adverse impact on the bottom line, says Sergio Thompson-Flores, chief executive of Modulo, a provider of GRC offerings.
The penalties paid out by HSBC and Standard Chartered Bank for violations to money-laundering regulations should serve as a wake-up call, says Kevin Sullivan. In fact, banking institutions should brace for more fines.
From mobile devices to social media and cloud computing, IT governance is all about risk management. "You can't de-risk everything, but you can de-risk the majority of circumstances you will see in normal operations," says governance expert Robert Stroud.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.
