Corporate Security

IT Compliance Management IT compliance management can be difficult for many organizations that don’t understand the requirements of cyber data, especially when you have to consider standards such as SOX, NERC CIP, PCI DSS, GLBA, etc. Today, let’s discuss IT compliance management and its importance within...

Service Provider Risk and Compliance In our continuing effort to educate on the importance of risk assessment and compliance, this week we wanted to touch base on service provider risk and what you can do to help reduce it. We’ve had many customers unclear on...

The Unnecessary Torture of Security Audits From financial services to healthcare, nearly every industry gets audited for security, and no one looks forward to it. Just the thought of getting audited can generate chaos, stress and headaches to those involved. But what if I told you,...

“Why You Should Stop Thinking about Risk When You Think about CIP-014’s R4” Often physical security professionals associate CIP-014's R4 with the word risk. However, this interesting and informative webinar for physical security executives will include three surprising points: Why risk is inconsequential to CIP-014’s R4 ...

The Securities and Exchange Commission (SEC) to require registered broker-dealers and registered investment advisers to conduct risk assessments to identify cybersecurity threats, vulnerabilities, and potential business consequences. Earlier this year on March 26, 2014, the U.S. Securities and Exchange Commission sponsored a Cybersecurity Roundtable. In opening...

Classified Order Aims to Use Military to Protect Key IT Networks President Obama signed a classified presidential directive last month that enables the military to act more aggressively to frustrate cyberattacks on government and private computer networks. The White House confirmed the issuance of Presidential Policy Directive...

Smaller Institutions Could Benefit from Regulators' Help Last year, federal regulators issued FFIEC authentication guidance for online transactions. But, unfortunately, regulators apparently don't plan to issue additional guidance on the security issues involved in mobile banking and cloud computing. Larger institutions don't really need guidance on these...

FBI Warning Reiterates Citadel Malware Threats Banking institutions need to take action to thwart the latest generation of targeted ransomware and malware attacks that hijack computer operating systems and launch keyloggers to steal online banking credentials and other financial information. The attacks, fueled by the Zeus malware...