With consumer awareness of privacy at an all time high, there is not only regulatory risk, but also reputational and brand risk for those CMOs who drop the ball – an increasingly likely occurrence as the changes to the familiar status quo mount.
Without securing their mobile apps, any mishandling of customers' sensitive information during the holiday shopping season could haunt retailers for months and years to come.
For organizations to stand a chance against cybercriminals, adopting a hacker mindset is crucial. Understanding their tactics, regularly updating skills, and proactively seeking vulnerabilities are the keys to outpacing cybercriminals.
Avoid the common pitfall of using pre-existing approach to Data Protection Impact Assessment (DPIA) without knowing the Article 29 Working Party guidelines.
The SEC has been clear that proper risk management and timely cyber incident disclosures protect investors and other stakeholders. The regulators may make an example out of SolarWinds and its leadership at the time of the Orion incident to set the tone for the importance of software supply chain security.
Emerging cyber risk quantification methods are allowing boards to ask “what if” questions if operating conditions change, and to align cyber risk with what they know about the business—upcoming economic challenges, potential merger and acquisition activities, or even the effect on the company’s financial statements or stock price.
The reasons that boards approve investments are quite different to the decision-making process undertaken by CISOs and IT decision makers themselves.
While the wheels of digital transformation were set in motion much earlier, the pandemic accelerated their speed. It significantly impacted how organisations approach their IT ecosystem and security. Today’s landscape, with no perimeter, requires a Zero Trust approach.
The cloud can provide better data security than traditional storage … when done correctly. How do you ensure your unstructured data remains secure and highly available?
In recent years, this has meant regulation and legal enforcement around data collection have not kept pace with the exponential growth in the tech industry. This can oftentimes lead to big consequences for individuals.
