Risk & Compliance News.

Sep 23rd, 2021 - Everything U.S. Department of Defense (DoD) contractors & their service providers need to know about the Cybersecurity Maturity Model Certification (CMMC). The rise in digital technologies utilized by defense contractors to increase efficiency has let to tremendous growth. However, it has also come with its threats. The United States’ Department of Defense (DoD) supply chain is vital to both national security as well as individuals’ protection in the armed forces. Regardless of where ... [Read More]

Sep 23rd, 2021 - Study reveals 80% of organizations plan to have employees working from home, but security strategies lag behind Cyber Exposure company, Tenable, published a global study that revealed 71% of organizations in India attribute recent business-impacting cyberattacks on the remote workforce due to vulnerabilities in technology put in place in response to the pandemic. The data is drawn from its report titled “Beyond Boundaries: The Future of Cybersecurity in the New World of Work.” The report is ... [Read More]

Sep 23rd, 2021 - Casey Ellis, founder, CTO and chairman of Bugcrowd, discusses a roadmap for lowering risk from cyberattacks most effectively. When thinking about cybersecurity risk management, think about the last time you were comparing health-insurance policies. Each policy offers a means to protect yourself and your family from financial losses (e.g. from hospital coverage), and many policies include things that are designed to reduce the likelihood of those losses occurring in the first place (e.g fitness ... [Read More]

Sep 22nd, 2021 - Data breaches by large companies have been in the news for some time. Over the last several years several companies, including Marriott, Yahoo and Volkswagon, have been victimized by hackers who have broken into a company’s computer network. In some cases, the hackers have put the company’s confidential information on the internet. In other cases, the hackers have held the company’s information hostage through ransomware. While companies are rightly concerned about the security of their ... [Read More]

Sep 22nd, 2021 - New Measures Will Account for Technological Updates and Allow for Greater Customization. In many spheres, PCI DSS is like the law of gravity: It affects just about everything. PCI DSS 4.0, the first major update since 2013, is right around the corner. If your business so much as smells cardholder data, this article is for you. Payment Card Industry Data Security Standard (PCI DSS) has become the leading set of security standards for maintaining a secure environment for all companies. Any ... [Read More]

Sep 22nd, 2021 - Repeated U.K. regulator criticisms of declining audit quality might prompt some companies to ask more questions of their auditors. Weng Yee Ng, director at fraud investigator Forensic Risk Alliance, says while there should be a presumption of trust between companies and their auditors, companies can—and should—challenge their auditors throughout the audit process. “The audit committee and the board would know the business best and should challenge the auditors’ opinions and findings, or ... [Read More]

Sep 21st, 2021 - The researchers found that when a ripple event triggers a loss of income, it can lead to losses of $36 million per event. RiskRecon, a Mastercard company, and the Cyentia Institute released a study on Tuesday showing that some multi-party data breaches cause 26-times the financial damage of the worst single-party breach. The organizations used Advisen's Cyber Loss Database to examine incidents since 2008. Almost 900 multi-party breach incidents have been observed since 2008, and 147 newly ... [Read More]

Sep 21st, 2021 - Cybersecurity has been a priority for businesses for many years, however, even with investments in security processes and technology, cyberattacks are commonplace across all industries. Evaluating incidents over the years, cybercriminals have been keeping busy honing their craft, resulting in cybersecurity incidents increasing across the board. It is not only the rise in the number of incidents, but the perpetrators have also become more sophisticated, adapting swiftly and targeting victim ... [Read More]

Sep 20th, 2021 - If you’re running a business or part of a business that is subject to the Healthcare Insurance Portability and Accountability Act (HIPAA), it is important that you are aware of what HIPAA compliance is and make sure that your organization complies with HIPAA requirements. This will ensure that any Protected Health Information (PHI) you have access to remains private and secure. There are moral and ethical reasons to comply with HIPAA requirements, but as well as this, failure to comply can ... [Read More]

Sep 20th, 2021 - Cybercriminals aren’t slowing down, hacking 30,000 sites a day, according to Web Arx Security. In fact, a University of Maryland study clocked a new attack somewhere on the web every 39 seconds — that’s 2,244 daily cyberattacks. “ The Hidden Costs of Cybercrime ,” a joint report from the Center for Strategic and International Studies and McAfee, estimated monetary losses from cybercrime at $945 billion. These and other rising security threats mean stop-gap measures or past practices ... [Read More]