How Digital Transformation Really Drives GRC

Written by
Published 04/03/2017

Like most technology startups, we welcome digital transformation of the business world. It opens new markets, lets you forge closer bonds to customers and business partners, increases profits, accelerates sales cycles. Wonderful stuff, and we mean that. For compliance and risk professionals, however, the digital revolution brings challenges unlike any you’ve faced before. The easy analysis is to say that all the benefits mentioned above also bring new risks—ones that can strike unexpectedly. New markets bring new corruption or money-laundering risks; new business partners bring new data security risks. That’s all true. But unless you want to keep reacting to new risks, frantically whacking them down every time they crop up, compliance officers need to ponder this new risk and…

Information Silos Can Be Broken Using GRC Automation

Written by
Published 03/30/2017

New technology seems exciting and shiny, just like new employees. However, both can create information silos. GRC automation tools can help break those silos and create a more cohesive organization.

User Behavior Analysis 101: What You Need to Know

Written by
Published 03/21/2017

Words like “hacker” and “breach” strike terror into the hearts of employers, but with user behavior analytics (“UBA”), organizations can more easily track the types of activities that may indicate intrusions. Understanding behavior analytics requires understanding security analytics. More recently, UBA has also been called user and entity behavior analytics (“UEBA”) to better encompass how the algorithms work. The two terms are often used interchangeably. These kinds of programs analyze log and event data from applications, endpoint controls, and network defenses. With user behavior analytics, vendors can use big data techniques to determine employee patterns of behavior so that anomalies can be more easily detected. This can help locate or trace breaches. Difference Between SIEM and UBA Security identity event…

Categorized in:

Security Awareness: 5 Ways to Educate Your Employees

Written by
Published 03/13/2017

Security Awareness: 5 Ways to Educate Your Employees   Security awareness training is the number one tool needed to build a culture of cybersecurity. For a business to remain secure, employees from the top levels of senior management to the most introductory level jobs need to buy into the importance of cybersecurity. Employee training sessions, however, are like those required introductory college courses. People feel they already know the information so they only half-heartedly pay attention and then wing the quizzes at the end hoping for the best, sort of like those college essays they hated writing. Unlike a college essay, security awareness has long-term financial and reputational risk implications. The 2016 IBM Cost of Data Breach Study indicated that…