Timelines for security and compliance audits are largely unchanged in 2020, despite the disruptive impacts of COVID-19 on teams that are now working remotely, according to a recent survey of North American CISOs assessing the challenges facing security and compliance professionals. The survey, a joint effort between Shujinko and Pulse, Read More
An internal audit found “woefully lax” security in the Central Intelligence Agency’s hacking unit which led to the theft and leak of top-secret hacking tools in 2016. The stolen information was leaked by an employee and released by WikiLeaks in 2017, a disclosure totaling about 8,000 pages with details about Read More
As the global COVID-19 pandemic worsens, security firms and law enforcement, including the FBI, are warning of increasing phishing and other cybercriminal scams targeting a largely at-home workforce. Meanwhile, researchers also are finding that cyber-criminals are continuing to spoof organizations that are providing COVID-19 updates to the public. For example, Read More
Targeted ransomware attacks against companies and government agencies are likely to surge in the coming months as ransomware-as-a-service continues to evolve into a lucrative model for cybercriminals, security experts warned at the 2020 RSA conference. The spike in demand for ransomware-as-a-service tools in underground forums, coupled with the anonymity offered Read More
The Commodity Futures Trading Commission announced it will become the first federal agency to adopt the recently released privacy framework from the National Institute of Standards and Technology (NIST). The framework is a voluntary tool designed to improve privacy through enterprise risk management. The CFTC will integrate the framework into Read More
As organizations continue to collect customer and employee data, chief audit executives are becoming increasingly concerned about how their organizations govern and protect it, according to a new report from research and advisory firm Gartner. According to Gartner’s annual Audit Plan Hot Spots Report, data governance has risen to the Read More
Companies are struggling to keep their networks secure, particularly when they involve cloud computing, but an emerging technology—machine learning—could provide some help to eliminate unauthorized communication in your cloud. One of the biggest challenges of managing network security is understanding the environment: What assets are present? How are they communicating? Read More
A new survey of top business risks, as identified by chief internal auditors in Europe, has found that companies there are most concerned about cybersecurity and data security, increased regulation, and disruptive technology. The survey of 528 chief internal auditors conducted by a group of eight internal audit professional associations Read More
Businesses today cannot be separated from their digital assets. Data drives every aspect of business, from strategic decisions to tactical operations, and all that data is stored in, accessed by, and transmitted across networked systems. Keeping cyber risks under control is a critical issue for any company. Even small, non-tech-oriented Read More
A report by British Columbia’s auditor general has revealed several holes in the safety net that restricts access to provincial government systems with the discovery that some ministries weren’t following the rules. Auditor general Carol Bellringer’s report released this week looked at five ministries and how each allowed employees and Read More
