Security News

EU GDPR Compliance Checklist
2023-10-15 16:00

The EU General Data Protection Regulation is a comprehensive set of rules designed to keep the personal data of all EU citizens collected by any organization, enterprise or business safe from unauthorized access or use. Failure to do so, would be a costly oversight on their part, as the penalties associated with the GDPR are severe and are applied across international borders at the discretion of the EU data protection authorities.

Financial crime compliance costs exceed $206 billion
2023-09-29 04:00

Global financial crime compliance costs for financial institutions exceed $206 billion. Financial crime professionals embrace AI. While certain industries are still determining the ways in which AI and ML will bring about an influence, 71% of professionals in financial crime compliance indicate that their organizations are already enhancing data utilization through advanced analytics.

Essential Guide to Cybersecurity Compliance
2023-09-26 11:50

SOC 2, ISO, HIPAA, Cyber Essentials – all the security frameworks and certifications today are an acronym soup that can make even a compliance expert’s head spin. If you’re embarking on your...

Why more security doesn’t mean more effective compliance
2023-09-22 05:30

For financial institutions, the way to do so is not necessarily by investing in new security tools; it's by getting more value from existing technology through automated monitoring and optimization. Beyond the direct hit to impacted businesses, there's a more acute risk that makes governments and regulators nervous: A serious attack on the banking system could have a debilitating impact on national and economic security.

Strong compliance management is crucial for fintech-bank partnerships
2023-09-20 03:00

Bank-fintech partnerships continue to rise as financial institutions look to streamline operations, improve customer experiences, drive profitability, and manage risk and compliance efforts. The guidance promotes standardization for assessing third-party risk and describes sound risk management principles when developing and implementing third-party risk management practices.

Former CIO accuses Penn State of faking cybersecurity compliance
2023-09-18 20:15

Last October, Pennsylvania State University was sued by a former chief information officer for allegedly falsifying government security compliance reports. Following a meeting in June 2022, he recounts "Penn State had never reached actual DFARS compliance and thus had been falsely attesting to compliance since January 1, 2018.".

Regulatory activity forces compliance leaders to spend more on GRC tools
2023-09-18 04:30

Legal and compliance department investment in GRC tools will increase 50% by 2026, according to Gartner. "While most organizations already have existing compliance programs, legal and compliance leaders need to ensure they are empowered to capture and elevate the right information to management and the board, take the appropriate action, and maintain documentation related to these processes," Kornutick said.

Unimplemented controls could derail your ESG compliance efforts
2023-09-08 03:00

This lack of ESG program readiness raises the risk of reporting incomplete or incorrect data and leaves organizations unprepared to maintain compliance with future regulations, including the forthcoming ESG rules from the Securities and Exchange Commission. Over 75% of respondents said they currently collect evidence for ESG metrics, and 26% reported that they plan to begin performing internal ESG audits in the next year.

Compliance budgets under strain as inflation and workload grow
2023-09-06 03:30

Compliance leaders are facing pressure to make the most of existing resources despite economic challenges and increased workload volume and complexity, according to Gartner. "Confronted with economic volatility, a tight labor market, and rising geopolitical tensions, compliance departments are adapting their workflows to an increasingly complex landscape," said Chris Audet, Chief of Research with the Gartner for Legal, Risk & Compliance Leaders practice.

Is the cybersecurity community’s obsession with compliance counter-productive?
2023-08-29 04:00

How many would determine that the best use of their resources would be to attain or retain compliance with a cybersecurity standard? And how many would deploy those compliance and auditing resources to patch more vulnerabilities, invest in additional cybersecurity expertise, tools to identify and reduce their external threat footprint, and myriad other effective measures to genuinely reduce their organization's cyber risk? It's not as if dedication to compliance is any more of a guarantee against a breach than any other technology, strategy or prayer.