Tag Archive: cybersecurity

Top Risk Management Issues Facing Higher Education

Written by
Published 12/24/2019

Institutions of higher education (IHEs) are besieged by risk, especially cybersecurity and information security risk. Risk management for these institutions is critical but also extremely challenging, like trying to juggle balls and lighted torches all at once. Colleges and universities are worlds in themselves, providing not only classroom learning but health care, living quarters, meals, athletics, entertainment, research opportunities, and more to students, faculty, and staff. To pull it off, higher education institutions must collect a lot of personal data such as health records, financial information, scholastic records, and insurance information. These are the details that enable colleges to meet the needs of so many people every day. But possessing all this data makes every college and state university an…

Cybersecurity Audit Checklist

Written by
Published 12/19/2019

Today’s network and data security environments are complex and diverse. There are hundreds of pieces to a security system and all of those pieces need to be looked at individually and as a whole to make sure they are not only working properly for your organization, but also safe and not posing a security threat to your company and your data or the data of your customers. Risk management and risk assessments are important parts of this process. Data loss and data breaches are detrimental to your organization and can make or break a company, especially if a breach causes other organizations to lose confidence in your ability to keep yours and their data secure. For this reason, it is absolutely critical for you to…

How Can RMIS Support Risk Management?

Written by
Published 07/10/2018

A risk management information system (RMIS) allows you to automate many of the difficult to organize tasks involved in compiling, storing, and communicating risk information.

7 Challenges of Being an IT Compliance Manager: Automation Makes You an American Ninja Warrior

Written by
Published 10/10/2017

The challenges of being an IT compliance manager compare to those the American Ninja Warriors face. Competing against not only others but also themselves, American Ninja Warriors run increasingly demanding obstacle courses, hoping to win the ultimate prize by overcoming the final stage, Mount Midoriyama. The competition continually adds new challenges, causing many to fail. IT compliance managers face the same kinds of increasingly burdensome challenges in a constantly evolving information security landscape. To advance to Mount Midoriyama, book a demo with one of our ninja warrior GRC experts today.   Challenge 1: Information Silos One of the biggest challenges of being an IT compliance manager lies in coordinating a program across multiple departments. Trying to manage all these different…

Hidden Cost of Cyberattacks: What Automation Can Do to Save You Money

Written by
Published 06/27/2017

In 2016, Deloitte published its white paper on the hidden cost of cyberattacks. The firm reported that of the fourteen “impact factors,” some are obvious while others are less so. Cyberattacks are not simply single moments in time. Their life cycles can take months or years to come to an end. The incident response lifecycle starts with the reactive phase of incident triage and occurs in the days or weeks following an attack’s discovery. This means contacting those impacted and getting the business back online. The second step, impact management, involves finding ways to fix any problems that led to the breach, or to adjust internal processes. Finally, the business recovery phase includes rebuilding or redesigning assets to help rebuild…

The Cyber Regulations are Coming. Get Your 2017 Budget Ready Now.

Written by
Published 10/27/2016

Read the news and chances are you’ll see yet another report of a major cybersecurity breach. Big brands and small companies alike, none are immune. So it came as little surprise to see a recent article in Fortune reporting on new cybersecurity regulations for companies in the financial industry from the State of New York. In essence the rules will hold financial firms accountable for preventing cyberattacks by requiring them to encrypt sensitive data and appoint CISOs. What’s more,  they require senior executives to sign off on cyber-compliance. The rules go into effect in 2017. And while they apply only to financial firms licensed by the State of New York, given the sheer number of financial companies in the state,…

Staying Compliant in the Cloud Without a Cybersecurity Attorney

Written by
Published 02/11/2016

This post was originally published on CloudExpo by Brad Thies. Cybersecurity is a complex field, and with laws varying across states and countries, keeping cloud usage compliant can become a real headache for enterprise security decision-makers. As regulations continue to lag behind the rapid pace of technological advancements, many IT security professionals turn to the expertise of cybersecurity lawyers, who not only understand the ambiguities of the law, but are also able to secure and protect their employers’ interests in the case of a breach. When Is a Cybersecurity Attorney Needed? There are times when cybersecurity lawyers are essential. Given recent developments such as Edward Snowden’s National Security Agency leaks, the exponential growth of the Internet of Things, and the throwing…