Companies are struggling to keep their networks secure, particularly when they involve cloud computing, but an emerging technology—machine learning—could provide some help to eliminate unauthorized communication in your cloud. One of the biggest challenges of managing network security is understanding the environment: What assets are present? How are they communicating? Read More
For a long time, many companies have used process improvement strategies—ideas such as Six Sigma, Lean, Kaizen, Total Quality Management, Re-engineering, and a slew of others—to streamline operational processes, and they have done so with great success. Process improvement and continuous improvement initiatives, which often rely on the help of Read More
Among the many things that may keep internal auditors up at night are cybersecurity, compliance, and data security and protection, according to a recent survey by the Chartered Institute of Internal Auditors. These top three concerns significantly outrank other risk categories like human resources, regulatory change, and digitalization, although, of Read More
The Defense Department has long known that weaknesses in its information technology systems are a major reason it’s never been able to successfully undergo a financial statement audit. But now that the entire department has been through a full audit for the first time, the results paint a clear picture Read More
As internal audit teams work on their audit plan for 2019, a new report sheds light on where some of the trouble spots are likely to occur for companies, and where internal audit may want to consider focusing its scrutiny and assurance efforts. Last week, technology research firm Gartner issued Read More
Despite record spending on cybersecurity, a new study finds that IT security breaches remain at epidemic levels. According to a new report conducted by Osterman Research, a whopping 70 percent of the more than 200 medium and large organizations surveyed reported being the victim of at least one successful cyber-attack Read More
A new report from the U.S. General Accounting Office examines the causes of the massive 2017 data breach by Equifax that compromised the personal data of more than 148 million Americans. The report contributes the debacle to the company’s failure to use common cybersecurity best practices, poor internal controls, and Read More
The Institute of Internal Auditors issued a new guide on insider threat programs that is designed help internal auditors understand insider threats and related risks by providing an overview of common traits of main players, key risks, and potential impacts. The guide also covers security frameworks, techniques, considerations, and resources Read More
There’s no debate about the value of using open source software (OSS) when building new business applications—cost, flexibility, quality and ease of use, to name a few—but its use comes with legal obligations and security vulnerabilities that can pose significant risks to organizations. To effectively pre-empt such risks, proactive OSS Read More
The deadline is looming for banks and financial institutions that do business in New York to comply with new regulation that requires them to keep an audit trail of financial transactions for at least five years. Provisions of the Cybersecurity Regulation, which was passed in March 2017, will go into Read More
