
The Value of a BC Program

By OSCAR MUNOZ When a business faces technological disruptions or natural disasters such as floods, earthquakes, fires and tornadoes, no one anticipates it. These types of events occur when least expected and can result in either a...
Tune Into Your BC Plans

Drummer, singer, and guitarist extraordinaire Dave Grohl has been a part of several prolific rock bands such as Nirvana and the Foo Fighters. He recently brought up an interesting view on playing guitar. Grohl’s view on playing music relates much closer to...
DRaaS Providers Come of Age

Originally appeared on the DCIG blog.   By Jerome M. Wendt As more organizations embrace a cloud-first model, everything in their IT infrastructure comes under scrutiny, to include backup and recovery. A critical examination of this component of their...
How 100-Year-Old Firms Stay Relevant

As we’ve reported prior, the majority of legacy Fortune 500 firms are no longer market leaders because their focus remains on protecting their traditional business in this era of digital transformation. In last month’s midwestern US...
Cloud Security and Risk Mitigation

Just because your data isn’t on-premises doesn’t mean you’re not responsible for security   The cloud certainly offers advantages, but as with any large-scale deployment, the cloud can also offer unforeseen challenges. The concept of the cloud...
Disarming Employee Weaponization

Human vulnerability presents a real threat for organizations. But it’s also a remarkable opportunity to turn employees into our strongest cyber warriors.   Employee awareness has become a critical necessity for modern organizational security. While the...
TA505 Group Launches New Targeted Attacks

Russian-speaking group has sent thousands of emails containing new malware to individuals working at financial institutions in the US, United Arab Emirates, and Singapore. Russian-speaking threat group TA505 has begun targeting individuals working at financial...
New MacOS Malware Discovered

A wave of new MacOS malware over the past month includes a zero-day exploit and other attack code. A wave of malware targeting MacOS over the past month has raised the profile of the operating system once advertised as much safer than Windows. The newest attack...
Tackling Commuter Congestion

Could the world’s most congested cities ease commuters’ woes with flexible working? 40% of people cite their commute as the worst part of their day. On public transport, travellers often experience crowded conditions, stress, discomfort, disruption,...
Table Top Exercise Revelations

https://www.virtual-corp.com/business-continuity/table-top-exercise-revelations/   By Bob Farkas, PMP, AMBCI, SCRA One of the most useful, insightful, and entertaining business continuity activities is table top exercises. These are generally well known to...
Fire Technology: Public Safety Drone Update

In 2019, drones have definitely become an integral part of the public safety landscape and to some, drones are now considered mission critical. Flashing back to 2015, drones had shown some progress but were still mired in strict Federal Aviation Administration (FAA)...
HAVE A DISASTER PLAN FOR YOUR SMALL BUSINESS

Owning a small business has many rewards, like freedom, independence and the chance to financially benefit from your own hard work.  But there are also major challenges, like long hours, hungry competitors, and cash-flow problems. One of the challenges that lands...
Challenges Facing Emergency Managers Today

By its very definition, emergency management is a field that deals constantly with challenges. Back in 2005, we co-authored an article that examined some specific “critical obstacles” facing emergency managers at the time, including: an imbalance of focus...
What is IT Disaster Recovery?

Disaster recovery is an important process within business continuity management (BCM) that focuses on developing a plan of action to recover from a potential internal or external business threat. In other words, disaster recovery is about ensuring that the business...
How Can You Mitigate Risk On Your Phone?

Do we understand how to avoid the risk of our devices being compromised? For most of us, our mobile phones are an extension of ourselves. Our daily routine, interests, personality and vital information are all stored on devices that we take with us on-the-go to assist...
INSURANCE PROTECTION FOR A RAINY DAY

June weather in New York City can be fickle. As the I.I.I.’s own Brent Carris reported, this fickleness can lead to chaos for the city’s outdoor music festivals, like the recent fiasco at this year’s Gov Ball. Carris noted that event organizers...
No Elevators

“There is no elevator to success. You have to take the stairs.”  ~ Bit of wisdom on stairway outside a high-intensity gym Life ain’t easy. Neither is a job. That’s why they call it work. It’s true of every aspect of personal life and...
Forrester’s Guide To Paying Ransomware

Paying Ransom Can Be A Valid Recovery Option Based On Business Need And Circumstances Why Read This Report Conventional wisdom says that when your company suffers a ransomware attack, you should never pay the ransom. But hardline conversations about whether to...
The CISO’s Drive to Consolidation

Cutting back on the number of security tools you’re using can save money and leave you safer. Here’s how to get started.   Industry reports vary, but experts estimate that the modern CISO uses somewhere between 55 and 75 discrete security products....
Predicting Vulnerability Weaponization

Advances in data science are making it possible to shift vulnerability management from a reactive to a proactive discipline   Keeping pace with the endless deluge of security vulnerabilities has become one of the truly Sisyphean tasks for enterprise IT...
FBI Warns of Dangers in ‘Safe’ Websites

Criminals are using TLS certificates to convince users that fraudulent sites are worthy of their trust   One of the most common mechanisms used to secure web browser sessions — and to assure consumers that their transactions are secure — is also being...
What is an IT Disaster Recovery, RPO and RTO?

Recovery Time Objective (RTO) and Recovery Point Objective (RPO) are essential to the success of any business continuity program. With a wide range of potential business interruptions, RTO and RPO are two of the most critical factors of a disaster recovery or data...
Federal Photos Filched in Contractor Breach

Data should never have been on subcontractor’s servers, says Customs and Border Protection.   Photos used by US Customs and Border Protection (CBP) in an effort to protect travelers have been taken in an attack against a federal subcontractor. Officials...
ISO: The new dawn of disease control

In our evermore complex, interconnected world, with health systems undergoing new challenges and stresses, risk management in the healthcare industry has never been more important. Three ISO standards play a significant role in matching clinical quality with...
CISOs & CIOs: Better Together

An overview of three common organizational structures illustrates how NOT to pit chief security and IT execs against each other.   For certain critical IT deliverables, CIOs and CISOs embody the inherent tension between cybersecurity and operational requirements....
What Cyber Skills Shortage?

Employers can solve the skills gap by first recognizing that there isn’t an archetypal “cybersecurity job” in the same way that there isn’t an archetypal “automotive job.” Here’s how.   It feels like every day,...
How to get the most from your team

Any business serious about building a successful future needs to meet its employees’ demands for flexibility   The fact that the work landscape is evolving at a rate of knots won’t have escaped your notice. The very idea that we should work 9 to 6,...
WannaCry Lives On in 145K Infected Devices

Data from the last half year shows devices worldwide infected with the self-propagating ransomware, putting organizations with poor patching initiatives at risk.   Two years after the WannaCry ransomware attack blitzed through major organizations and shut down...
Cybercrime: Looking Beyond the Dark Web

Fighting cybercrime requires visibility into much more than just the Dark Web. Here’s where to look and a glimpse of what you’ll find. The now-shuttered DeepDotWeb, which was a uniquely centralized and trusted repository of Dark Web links and...
Rethinking Resilience Analytics

Abstract The concept of “resilience analytics” has recently been proposed as a means to leverage the promise of big data to improve the resilience of interdependent critical infrastructure systems and the communities supported by them. Given recent...
What Happens When Managers Misbehave?

GRC professionals in particular know the importance of tone at the top. When a leader has an ethical lapse, the ramifications can be far-reaching. Michael Volkov discusses the potential fallout of managerial misdeeds. Company managers are the linchpin of a corporate...
The 3 Cybersecurity Rules of Trust

Every day, keeping anything secure requires being smart about trust. The rules of trust will keep you and your data safer.   Do you trust me? Why wouldn’t you? I’m honest, have strong credentials in cybersecurity, and helped design security solutions...
GDPR: A Year of Monitoring Data Protection

The first anniversary of GDPR is rapidly approaching on May 25. Tech companies used the past year to learn how to navigate the guidelines set in place by the law while ensuring compliance with similar laws globally. After all, for companies who violate GDPR, the legal...
Adaptive BC: Not for Most

By Brian Zawada Director of Consulting Services, Avalution Consulting Adaptive BC has done a great job of stirring up the business continuity profession with some new ideas. At Avalution – we love pushing the envelope and trying new things, so we were excited...
Old Threats Are New Again

They may look familiar to you, and that isn’t a coincidence. New threats are often just small twists on old ones. Cyberattackers are often thought to be tech experts. Cyberattackers understand security vulnerabilities and loopholes that most people don’t...
Data Security: Think Beyond the Endpoint

A strong data protection strategy is essential as data moves across endpoints and in the cloud  LAS VEGAS – Endpoint security is a common concern among organizations, but security teams should be thinking more broadly about protecting data wherever it...
The Data Problem in Security

CISOs must consider reputation, resiliency, and regulatory impact to establish their organization’s guidelines around what data matters most. Today’s CIOs are the stewards of company data, responsible for its health and performance as well as maintenance...
Anticipating the Trash Crisis of the Future

What will happen to the plastic bag you threw away with lunch today? Will it sit in a landfill, clog a municipal sanitation system, or end up in your seafood? Concern over this question has helped spur the rise of the new and rapidly growing cultural trend of people...
Who Moved The Communications Services Sector?

Success in the communications services sector is indeed a capricious piece of cheese. In it, every new technology advancement brings new business models, new security and sociopolitical debates, brand new industries of disruptors, and even new job roles for man and...
Website Attack Attempts Rose by 69% in 2018

Millions of websites have been compromised, but the most likely malware isn’t cryptomining: it’s quietly stealing files and redirecting traffic, a new Sitelock report shows. Websites suffer an average of 62 serious attack threats per day — an average...
Is your crisis management plan good enough?

The aftermath of a global corporate scandal is a very messy affair. Firstly, there’s the breaking news, then the media frenzy, the plummeting share price, the evaporating confidence, the damage-limitation exercises and finally the grovelling executives. We live...
Beyond Technology

The same disruptive technologies that are changing our lives and revolutionizing virtually every sector of the economy can be used to create a more sustainable world. By setting the standards that frame these initiatives, ISO/TC 207 helps scale solutions to our...
Better Behavior, Better Biometrics?

Behavioral biometrics is a building block to be used in conjunction with other security measures, but it shows promise. The quest for frictionless yet secure authentication has been the central driver of innovation in identity and access management (IAM) systems for a...
Attackers Add a New Spin to Old Scams

Scammers are figuring out unique ways of abusing cloud services to make their attacks look more genuine, Netskope says. Cybercriminals have begun abusing legitimate cloud services in new ways to try and sneak attacks past security controls and make their scams appear...
Trust the Stack, Not the People

A completely trusted stack lets the enterprise be confident that apps and data are treated and protected wherever they are.   With great power comes great responsibility. Just ask Spider-Man — or a 20-something system administrator running a...
Study Exposes Breadth of Cyber Risk

New study shows SMBs face greater security exposure, but large companies still support vulnerable systems as well. Organizations with high-value external hosts are three times more likely to have severe security exposure to vulnerabilities such as outdated...
FEMA Supply Chain Resilience Guide

Strategic Overview Disasters disrupt preexisting networks of demand and supply. Quickly reestablishing flows of water, food, pharmaceuticals, medical goods, fuel, and other crucial commodities is almost always in the immediate interest of survivors and longer-term...
ALL ABOUT PANDEMIC CATASTROPHE BONDS

In previous articles, we discussed how communicable diseases and pandemics are (or are not) addressed in personal and commercial insurance policies. Today, we’ll talk about pandemic catastrophe bonds. The Ebola outbreak between 2014 and...
How to Build a Cloud Security Model

More and more businesses are deploying applications, operations, and infrastructure to cloud environments – but many don’t take the necessary steps to properly operate and secure it. “It’s not impossible to securely operate in a single-cloud or...
IT’S SAFE TO WORK IN (NOT ON) MARIJUANA

There’s a pervasive myth out there that the marijuana industry is an unregulated Wild West populated by desperadoes and mountebanks out to score a quick buck. But even a passing familiarity with how the industry operates in states with legal recreational and...
Lessons from a Ransomware Attack

In the wake of a reported ransomware attack on global manufacturing firm Aebi Schmidt, Peter Groucutt outlines the steps companies should take to prepare for such incidents. A clear cyber incident response plan and maintaining frequent communication are critical. The...
5 Security Challenges to API Protection

Today’s application programming interfaces are no longer simple or front-facing, creating new risks for both security and DevOps All APIs are different inside, even if they’re using similar frameworks and architectures, such as REST. Under whatever...
The Hiscox Cyber Readiness Report 2019

Rising to the cyber challenge Our third Hiscox Cyber Readiness Report provides you with an up-to-the-minute picture of the cyber readiness of organisations, as well as a blueprint for best practice in the fight to counter the ever-evolving cyber threat. Barely a week...
When Every Attack Is a Zero Day

Stopping malware the first time is an ideal that has remained tantalizingly out of reach. But automation, artificial intelligence, and deep learning are poised to change that. The collective efforts of hackers have fundamentally changed the cyber defense game. Today,...
Understanding The Evolving DRP Market

Sixty-four percent of global security decision makers recognize that improving their threat intelligence capabilities is a high or critical priority. Nevertheless, companies across many industries fail to develop a strategy for achieving this. Among the many reasons...
The Cybersecurity Automation Paradox

Recent studies show that before automation can reduce the burden on understaffed cybersecurity teams, they need to bring in enough automation skills to run the tools. Cybersecurity organizations face a chicken-and-egg conundrum when it comes to automation and the...
Playing Hardball

Consider the following: Baseball is the only team sport where the defense has control of the ball. The side currently in offense does not handle the ball as they would in any other sport. A player does not score in baseball by bringing the ball to the finish line or...
What is Compliance SME?

Donna Boehme, the “Lion of Compliance” shares that true compliance SME is the first and most foundational element of a strong compliance program. An experienced CCO with true compliance SME earned in the field and in the profession understands on many...
Merging Companies, Merging Clouds

Integrating cloud environments is anything but easy. Evaluating the security risks in doing so must be a starting component of an overall M&A strategy. Mergers and acquisitions are an essential part of the enterprise business landscape. These deals foster...
Ignore the Insider Threat at Your Peril

Attacks from insiders often go undiscovered for months or years, so the potential impact can be huge. These 11 countermeasures can mitigate the damage. The fear of cyber breaches looms heavy for many businesses, large and small. However, many companies are so busy...
True Cybersecurity Means a Proactive Response

Successful, secure organizations must take an aggressive, pre-emptive posture if they want true data security Cybercriminals are always works in progress. Their knowledge and ability to bypass security systems are constantly advancing. As they gain knowledge, they...
INSURANCE CAN GET WEIRD

Yesterday’s post about insurance-related Guinness World Records got me thinking: what other weird insurance policies are out there? If you know much about insurance, you know that the first place to inquire about weird insurance policies is Lloyd’s of...
In Security, Programmers Aren’t Perfect

Software developers and their managers must change their perception of secure coding from being an optional feature to being a requirement that is factored into design from the beginning Fifth in a continuing series about the human element in cybersecurity....
Breaking Up is Hard to Do

Breaking up is hard to do. Those are not my words. They were said, or sung, by a much more talented guy named Neil Sedaka. He sang those lyrics back in 1976, but they are still true today. Breaking up is hard to do. You can watch a...
If You Can’t Beat ‘Em, Buy ‘Em

The lines between agencies, consultancies, and tech services firms are continuing to blur. This convergence is driven in part by an acquisition-heavy strategy. Like in 2017, the last year of acquisitions saw cloud and agency capabilities as most in demand. But what...
Backup – is your strategy evolving?

It goes without saying that backing up data is one of the most important things a business can do, especially considering how data is now essentially the lifeblood of an organization. With this in mind, five IT industry professionals give their advice as to how...
When Donations Come Back to Haunt You

Large donations by companies and family foundations provide the cornerstone for many prominent nonprofit organizations. But when those donations become shrouded in negative publicity, recipients must weigh their value against the damage to the organization’s own...
Lessons from BlackRock’s Data Leak

In January, BlackRock accidentally leaked confidential sales data by posting spreadsheets unsecurely online – certainly not the first time we’ve seen sensitive information “escape” an organization. Incisive CEO Diane Robinette provides guidance...
DDoS Attack Size Drops 85% in Q4 2018

The sharp decline follows an FBI takedown of so-called “booter,” or DDoS-for-hire, websites in December 2018. The average distributed denial-of-service (DDoS) attack size shrunk 85% in the fourth quarter of 2018 following an FBI takedown of...
The Case of the Missing Data

The latest twist in the Equifax breach has serious implications for organizations. When the Equifax breach — one of the largest breaches of all time — went public nearly a year-and-a-half ago, it was widely assumed that the data had been stolen...
Crowdsourced vs. Traditional Pen Testing

A side-by-side comparison of key test features and when best to apply them based on the constraints within your budget and environment. Crowdsourced security has recently moved into the mainstream, displacing traditional penetration-testing companies from what once...
Has the Road to Settlement Gotten Bumpier?

The Royal Commission into Misconduct in the Banking, Superannuation and Financial Services Industry (the Banking Royal Commission, or BRC) has been in Australian media headlines since the Commission was established on December 14, 2017. On February 4, 2019, the widely...
Prepared for Disaster in Cape Cod

(TNS) – More practical — and perhaps more stylish — than the latest fashion handbag, a bright red emergency preparedness “go bag” distributed by the Department of Homeland Security might be even harder to land than next season’s...
Compliance Can Spark Joy, Right?

Lesley Maea suggests compliance today could take a cue from Marie Kondo in her Netflix hit, “Tidying Up.” To remain safe and secure, use an intranet as a single source of truth. Yes, you read that right: an intranet. Put everything in one place. Then, you...
Ransomware’s New Normal

GandCrab’s evolution underscores a shift in ransomware attack methods Don’t be fooled by the drop in overall ransomware attacks this past year: Fewer but more targeted and lucrative campaigns against larger organizations are the new MO for holding data...
Citrix Breach Underscores Password Perils

Attackers used a short list of passwords to knock on every digital door to find vulnerable systems in the vendor’s network. The recent cyberattack on enterprise technology provider Citrix Systems using a technique known as password spraying highlights a major...
The 12 Worst Serverless Security Risks

A new guide from the Cloud Security Alliance offers mitigations, best practices, and a comparison between traditional applications and their serverless counterparts. Serverless computing has seen tremendous growth in recent years. This growth was accompanied by a...
How to Enhance Information Security Efforts

Evan Francen, CEO of FRSecure and Security Studio, makes the case for adopting a third-party information security risk management (TPISRM) program. He outlines how to get started and explains why the common excuses for ignoring the risks don’t hold water....
Data And Analytics Leaders, We Need You!

How do you create an insights-driven organization? One way is leadership. And we’d like to hear about yours. Today, half of the respondents in Forrester’s Business Technographics® survey data report that their organizations have a chief data officer...
Is Data Compliance Equal to Data Security?

Comforte AG’s Jonathan Deveaux stresses that while compliance with the GDPR is a worthy goal, adhering to the regulation doesn’t necessarily mean your organization is safe. Consider both compliance and security a journey, not a destination. The European...
Liar, Liar, Pants on Fyre

The failed Fyre Festival of 2017 serves as a cautionary tale to any who’d ignore warnings from trusted advisers and key stakeholders. Sandra Erez discusses how the Fyre Festival went so disastrously wrong – and the lesson compliance practitioners should...
What will your headline be?

Information travels more quickly than ever. If a disaster occurs in your community, you will need to work quickly and decisively to ensure that the information that gets to the public is accurate, balanced and useful to the people who need it most. Good crisis...
The Future of Work According to Slack

Slack, the cloud-based set of collaborative tools for teams, is taking over, and changing the way we work for good. Here’s what co-founder Stewart Butterfield has to say about the workplace of the future Haven’t you heard? Email is dead. At least,...
Could a Three‑day Work Week Really Work?

With famous CEOs and big-name proponents of a shorter working week getting their voices heard, Ben Hammersley finds out whether more time out of the office – with the same amount of work to do – really can be achieved On the face of it, it’s kind of...
Dow Jones Leak Exposes Watchlist Database

The Watchlist, which contained the identities of government officials, politicians, and people of political interest, is used to identify risk when researching someone. A data leak at Dow Jones exposed the financial firm’s Watchlist database, which contains...
The Employee Experience Index

Six years ago, I noticed a pattern in the inquiry calls I was fielding from clients. At the time, many of them centered around things like BYOD, whether to take away local admin rights from PCs, and other decisions driven by escalating fears of security or compliance...
A ‘Cloudy’ Future for OSSEC

As more organizations move to the public cloud and to DevOps and DevSecOps processes, the open source alternative for host-based intrusion detection is finding new uses. Used by more than 10,000 organizations around the world, OSSEC has provided an open source...
Business Continuity, R.I.P.?

The reports of the death of the field of business continuity have been greatly overstated. But those of us who work in it do have to raise our performance in a few critical areas. Related on BCMMETRICS: 1 Program, 6 Plans: The Half Dozen Plans Every BCM Program...
10 Corporate Cybersecurity Predictions

What You Need to Know for 2019 – and Beyond In the fast-moving world of cybersecurity, predicting the full threat landscape is near impossible. But it is possible to extrapolate major risks in the coming months based on trends and events of last year. Anthony J....
‘Do I Really Need To Keep This?’

Navigating the Information Age Without Saving Everything Data retention is a persistent challenge for in-house counsel, but developing workable information governance policies and procedures needn’t be a taxing exercise; in fact, they can generate measurable...
Mind the gap: cloud security best practices

Rich Campagna explores the security and compliance risks associated with data stored in – and accessible from – cloud applications, setting out best practices for assuring end-to-end protection. With cloud adoption rapidly expanding across an immense range...
Privacy Ops: The New Nexus for CISOs & DPOs

No longer can privacy be an isolated function managed by legal or compliance departments with little or no connection to the organization’s underlying security technology. Recent advancements in machine learning and big data analytics have made data more...
Preparing for the Next School Shooting

(TNS) – It’s been a year since the Valentine’s Day murder of 17 students and staff members and the wounding of 17 others at Marjory Stoneman Douglas High School in Parkland, Florida. Since then, schools around the country have taken steps to beef up...
How to measure communications plan success

Many times when we talk about communications plans and campaigns, we focus on the tactics. Which makes sense – these are the things we can see. The clever social media post, the direct mail piece, the slick website. But the true way to evaluate a communications...
Fraud A Top Concern For Compliance Leaders

Findings from Dun & Bradstreet According to a report by Dun & Bradstreet, compliance and procurement professionals indicate that fraud tops the list of challenges, and technological advances exacerbate the problem. While technology is an enabler to these...
What’s your severe weather risk?

Recently, the United States experienced a once-in-a-lifetime weather event when temperatures dropped drastically to record lows. The National Weather Service in Chicago predicted it would be the chilliest Arctic outbreak since records have been kept. Biting winds...
Who Are You, Citizen Data Scientist?

Ugh. Everyone is talking about the citizen data scientist, but no one can define it (perhaps they know one when they see one). Here goes — the simplest definition of a citizen data scientist is: non-data scientist. That’s not a pejorative;...
Disaster Recovery: Past, Present, and Future

By Alex Winokur, founder of Axxana
Disaster recovery is now on the list of top concerns of every CIO. In this article we review the evolution of the disaster recovery landscape, from its inception until today. We look at the current understanding of disaster...
The State Of GRC

3 Predictions for 2019 From Google’s GDPR violation to data breaches happening just hours after the new year, 2019 is off to a crazy start, especially for risk managers. In anticipation of the months ahead, LogicGate CEO Matt Kunkel predicts what GRC...
The Case For Integrated Risk Management

Align Your Risk Approach to Your Unique Business Realities LockPath’s Colby Smith discusses the reasons an integrated approach to risk management is an imperative – chief among them digital processes, global business and a reliance on third parties....
How to Have More Productive Meetings

Who doesn’t love a meeting? Well, quite a few of us, actually. Here Loulla-Mae Eleftheriou-Smith asks the experts for their advice on minimizing meeting time while maximizing results, whether that means standing gatherings or curated guest lists Meetings,...
Do You Have What It Takes to Work Remotely?

If you want to be a remote worker, you may need to convince your boss. Daniel Mobbs has the lowdown on the skills required, from effective time management to confident communications While remote working is becoming increasingly popular, not everyone is a natural-born...
The Walgreens Whistleblower

A Landmark Settlement with Lessons Learned for Compliance Officers Walgreens reached a settlement on Tuesday, concluding a six-year investigation into the company’s pharmacy and drug-pricing practices, initiated by a whistleblower and former pharmacy manager....
HOW TO PREVENT THE TOP 10 OSHA VIOLATIONS

Safety is the first priority for any company that seeks to protect employees and customers. Knowing the hazards that exist in workplace offices, equipment, and machinery is the first step toward preventing injury or even death. The Occupational Safety and Health...
The Key To Risk Management Success In 2019

3 Trends and Predictions In the year ahead, companies will need to find meaningful and measurable ways to align and integrate risk management with core business objectives to pursue and meet their company’s goals. LockPath’s Sam Abadir discusses how, as...
AOAC and ISO announce cooperation agreement

WASHINGTON, DC – AOAC INTERNATIONAL (AOAC) and the International Organization for Standardization (ISO) announce that they have entered into a cooperation agreement for the joint development and approval of common standards and methods. The partnership...
Protecting your data in public cloud services

Rapid growth in the use of public cloud services for core business operations is changing the technological landscape. But in the rush towards taking advantage of the agility that public cloud offers are organizations in danger of neglecting a core area of business...
Take Control of Inclement Weather with a Plan

How prepared are your employees and organization to navigate the next major blizzard? If you don’t know how you will keep employees informed and safe while you maintain business continuity, you can do more. Imagine your employees waking up in the morning after a...
HOW TO MITIGATE WORKPLACE VIOLENCE

No business owner wants to think about a violent event happening at their workplace, but each year, more than 2 million American employees report having been a victim of various types of workplace violence. According to the U.S. Bureau of Labor Statistics, 409...
Attitude for Resilience

Like many people who work in Business Continuity, I didn’t enter the professional world with the intention of becoming a part of this niche industry. For the past 10 years I worked in public education as a Social Studies teacher, which at the beginning of my...
SIDEWALK LIABILITY: ARE YOU COVERED?

A friend of mine likes to say that New York City is so expensive that just leaving your apartment will cost you $20. It cost me $100 to leave my apartment the other day – in fines for leaving a piece of furniture by the curb on a day not designated for...
The Quest for Cyber-Trust

With technology becoming ever more sophisticated and offering both enhanced opportunities and new vulnerabilities and threats, there is a danger that organizations of every different type leave themselves open to malicious attack or data breaches on a massive scale....
Forrester + SiriusDecisions

Today Forrester closed the deal to acquire SiriusDecisions. SiriusDecisions helps business-to-business companies align the functions of sales, marketing, and product management; Sirius clients grow 19% faster and are 15% more...
You’ve Still Got Mail

It has been more than two decades since AOL popularized email with the catchy “you’ve got mail” greeting. So ubiquitous was it in its heyday that it was the title of a romcom starring Tom Hanks and Meg Ryan. Since then, however, the way that people...
The Growing Problem Of Corporate Fraud

And Striking the Right Balance to Fight It The reality is that the vast majority of corporations have a fraud problem to some degree. It’s a growing problem – one indicator pointing to a rise in overall economic crime globally. Michael Volkov outlines...
Cloud Storage Best Practices

Implementing cloud storage best practices can be challenging. Follow these tips below to choose the best enterprise cloud storage plan for your business needs – without wasting time and money. We cover both these critical storage tasks:...
What Makes A Cyber Data Breach Expensive?

The Real Costs to Companies People get emotional over cyber data breaches, and the media loves to report on the latest hack attack that exposed millions of users’ information. Other than reputational damage (which is quickly forgotten, given the 24/7 news...
How GDPR Enforcement Is Shaping Up In Europe

(And Why U.S. Companies Should Take Note) The General Data Protection Regulation (GDPR), Europe’s sweeping data protection law, has been in effect for six months, and while fines have yet to be levied against U.S. companies for breach of the law, enforcement is...
EXECUTIVE PERSPECTIVES ON TOP RISKS 2019

Key Issues Being Discussed in the Boardroom and C-Suite Leaders of organizations in virtually every industry, size of organization, and geographic location are reminded all too frequently that they operate in what appears to many to be an increasingly risky global...
McAfee Labs 2019 Threats Predictions Report

These predictions were written by Eoin Carroll, Taylor Dunton, John Fokker, German Lancioni, Lee Munson, Yukihiro Okutomi, Thomas Roccia, Raj Samani, Sekhar Sarukkai, Dan Sommer, and Carl Woodward. As 2018 draws to a close, we should perhaps be grateful that the year...
What Is an IT Alerting System?

Most organizations rely on their network infrastructure to support business processes. When your system goes down, it’s likely that your business does, too. Successful organizations typically have a system in place to assist in these situations called an IT...
The Future Of Mobility Is Data, Not Cars

Having worked in and with the automotive industry for around 25 years, the challenges that OEMs face given their size and structures often inhibit the business agility needed to provide lasting customer value in an age of digital disruption. The focus has always been...
The Purpose Of A Compliance Program

Compliance programs exist for the purpose of protecting against misdeeds, and the most effective programs are those that exist within a culture of ethics. Michael Volkov discusses the truism that a company’s culture and its compliance controls are mutually...
Common Pitfalls In Third-Party Due Diligence

5 Risky Mistakes Companies Make Third-party relationships result in a majority of FCPA resolutions and investigations. Dan Wendt, member at Miller & Chevalier, discusses why third-party due diligence should be a central part of any anti-corruption program and...
SSD vs HDD

What’s the difference between solid state drives (SSD) and hard disk drives (HDD)? Even more important, when you’re adding storage should you buy a SSD or a HDD?   The answer depends on understanding the balance of cost,...
Do Cities Need A “Smart City Platform”?

Do cities need a “smart city platform”? It depends. Clients have been asking Forrester about our thoughts on new IoT-enabled smart city platforms launched by vendors focused on transforming city government infrastructure and applications. To answer that...
5 IMPORTANT WINTER WORKPLACE SAFETY TIPS

Some view winter weather as a welcome excused absence from work or school. Others must still find their way into the office. What they don’t want to encounter on their way are slick sidewalks, power outages, or the worst – inching your way through icy...
The hidden costs of security breaches

What does a security breach or malicious hacker attack cost? For organizations that lack a fully resilient infrastructure, hidden costs can include operational interruptions, loss of customer trust, lawsuits and compliance regulation fines. Consider the costs an...
Pondering Hybrid

IBM’s recent announcement that it is acquiring open source cloud software business Red Hat inspired Cutter Consortium Senior Consultant Balaji Prasad to think about the notion of hybrid in a broad sense, and also with respect to hybrid...
How To Address Workplace Bullying

Raising Awareness Through Compliance Training When discussing the problem of bullying, we often overlook not only the victims, but also their fate. As bullies join the workforce, they continue to find targets, and the severity of their bullying behavior...
Is Your Data Strategy Ready To Keep Up?

I remember a few years ago when, as enterprise architects, we sat around in the office of the VP of architecture and planned our data strategy on the whiteboard. Replace that clunky warehouse with a modern appliance? Check. Enterprise data model? Of course! The...
BCP Couch to Continuity

Fitness and I have always had a love/hate relationship. For me, it comes and goes in waves, no matter what the driving factors are – feeling better, being a good role model for my kids, an upcoming vacation or just to recover from a stretch of poor eating...
Healthy clouds mean healthy business

It’s the time of year when millions of Americans sign up for health insurance, and insurance providers encourage their clients to go in for a checkup or get annual screenings to see where they stand health-wise. The steps to a healthy lifestyle are fairly...
Will CX Pros Still Have A Job In 2025?

There we were . . . a round table of CX leaders from across Southeast Asia, senior executives with years of experience running large, successful teams and chipping away at the journey to turn our organizations into customer-obsessed enterprises. We shared our recent...
Keeping Your Whistleblower Hotline Alive

Ideas to Maximize Hotline Effectiveness It could be a good sign if the phones aren’t ringing at your organization’s hotline – or it could be indicative of a failing ethics and compliance program. Ron Kral discusses how to maintain a successful...
Ten cyber security predictions for 2019

It’s the time of year where we start looking ahead to the New Year and the possible changes that may occur in the threat landscape. In this article, Ian Kilpatrick makes ten predictions for changes that may occur in the cyber security environment. Increase in...
6 Best Free Cloud Storage Providers

Free cloud storage is one of the best online storage deals – the price is right.  Free cloud backup provides a convenient way to share content with friends, family and colleagues. Small businesses and individuals can take advantage of free online...
5 Hidden Privacy Dangers

Lesser-Known Risks for Corporations and Consumers Big data corporations are always seeking new ways to capture data from consumers, and some of those tactics they employ can expose their targets – and at times, their employers – to significant privacy...
IoT Platforms Do Not Steal Customer Data

There’s a recurring assumption in discussions about internet of things (IoT) platforms: The platform providers make their money by mining insights from data loaded into their platform. They sell those insights back to the customer who put the data there in the...
How Does Cloud Storage Work?

Cloud storage uses a highly virtualized infrastructure to provide enterprises with scalable storage resources that can be provisioned in a pre-defined way or provisioned dynamically as required by the organization. Enterprises are increasingly adopting cloud...
SRAM vs. DRAM

Static RAM (SRAM) and dynamic RAM (DRAM) are different types of RAM, with contrasting performance and price levels. Both play a key role in today’s technology. SRAM: is a memory chip that is faster and uses less power than DRAM. DRAM: is a memory chip...
Risky Business In A GDPR World

Navigating Privacy and Compliance As the recent data breach by Facebook has made clear, meeting strict GDPR guidelines is difficult. Cory Cowgill, CTO at Fusion Risk Management, discusses GDPR requirements and their impact on data retention and security. If you are...
Does ERM Really Matter In Your Organization?

Maturing Risk Management in Light of COSO Updates Recent updates to the COSO framework serve to clarify the significance of the connection between risk, strategy and performance. Protiviti’s Jim DeLoach discusses how organizations can get the most out of their...
Reinventing Financial Compliance

Reducing Cost and Complexity, Increasing Accuracy and Reliability
As we mark the 10-year anniversary of the 2008 banking crisis – considered by many to be the country’s worst financial crisis since the Great Depression — the issue of financial...