Insight Search Search Submit Sort by: Relevance Date Search Sort by RelevanceDate Order AscDesc Whitepaper July 13, 2021 How to implement an effective identity management strategy Identity management doesn’t happen overnight; there’s no “Easy” button to press, or magic snap-of-the-fingers instant fix. In fact, identity management has transformed into something far more complex than password authentication and simple security measures. It’s important to understand that jumping into a new technology instantaneously isn’t necessarily the right first step to ensuring a… Whitepaper June 1, 2022 How can an enterprise use access management to establish a Zero Trust environment? A hybrid RBAC, ABAC and PBAC framework is the best practice approach A strong access management programme is foundational to establishing a Zero Trust environment by using contextual information to continuously validate that users are who they say they are and by restricting user access to necessary resources only. Within the Zero Trust framework, identity governance and risk-based… Video September 3, 2020 Cyber Risk Quantification FAQs Cyber risk quantification (CRQ) uses industry leading and highly vetted probabilistic models to more accurately describe the cyber security and technology-based risks facing an organisation. Tune in to Protiviti's subject matter experts answer 15 frequently asked questions about CRQ. Podcast Transcript January 5, 2021 Transcript - Building an Effective Industrial Control Systems Security Programme In this episode, Kevin Donahue, a senior director with Protiviti speaks with Protiviti's associate director Justin Turner and manager Derek Dunkel-JahanTigh about security for industrial control systems, or operational technology. Podcast September 22, 2025 FPS Podcast | CMMC Rule is Out - What Contractors Must Know With DOD Contracts On September 10th, 2025 the "CMMC Final Rule" was published in CFR48. After about seven years of starts and stops, determining Level classifications, the number of controls and compliance needed, CMMC certification is now set to be in certain DOD contracts starting November 10th. Cost of compliance has varied greatly, but when dealing with FCI and CUI data, this certification will protect that… Whitepaper August 1, 2022 Protecting the Enterprise: How a Well-Designed Security Analytics Programme Can Help The purpose of security analytics in an organisation Security metrics and the analysis of security information can be challenging concepts even for leading organisations. As information security professionals, most of us have been taught that in order to have a mature information security function we must both document and measure the organisation’s security capabilities. If policies are the… Whitepaper July 14, 2025 Navigating the Financial Services Industry’s Compliance Priorities in 2025: Mid-Year Checkpoint When we published our 2025 compliance priorities for financial services companies last December, we acknowledged that for a variety of reasons, understanding and managing compliance risks this year would be a true test of the industry’s commitment and acumen. Among factors adding to the challenge this year, we noted the rapid pace of technological advancement, geopolitical tensions, and diverging… Newsletter May 8, 2024 Sharpening the Board’s Focus on M&A Due Diligence Whether an acquisition is a stand-alone, complementary entity or an integration, the due diligence process is undergoing a paradigm shift due to the higher cost of funding and the impact of failed transactions. Boards should expect a more aggressive focus on due diligence.How has the due diligence process changed in recent years? For sure, the complexity of certain topics, such as environmental… Whitepaper December 19, 2024 The Compliance Playbook: Navigating the Financial Services Industry’s Compliance Priorities in 2025 As we enter the new year, the financial services industry once again faces compliance risks that are increasingly diverse and complex. Insights paper June 5, 2025 Protect Your Cloud Environment With CNAPP In 2023, a prominent global technology firm experienced a significant security breach when sensitive production data was inadvertently restored in a development environment. This misconfiguration led to the exposure of credentials and customer data, underscoring the persistent challenges even the most advanced tech companies face in securing cloud environments. Load More
