Insight Search Search Submit Sort by: Relevance Date Search Sort by RelevanceDate Order AscDesc In Focus April 25, 2025 Navigating the DOJ final rule on bulk sensitive personal data: What does it mean for your business? Multinational organisations must now comply with a sweeping new U.S. Department of Justice rule that restricts the transfer of bulk sensitive personal data to foreign adversaries. The rule, established under Executive Order 14117, went into effect earlier this month and introduces prohibitions and controls on data transactions involving countries of concern such as China, Russia, Iran, North… Blogs April 13, 2021 IT Audit’s Perspectives on the Top Technology Risks in Energy & Utilities for 2021 Cybersecurity, Privacy, Data and Resilience Dominate the Top Technology Challenges for Energy and Utilities Organisations. Flash Report December 14, 2020 CISA Issues Emergency Directive to Mitigate SolarWinds Orion Code Compromise On December 13, 2020, the Cybersecurity & Infrastructure Security Agency (CISA) issued an emergency directive detailing required action for federal agencies to mitigate the threat of the recently discovered compromise involving SolarWinds® Orion® Network Management products that are currently being exploited by malicious actors. (Read the SolarWinds Security… Infographic September 1, 2021 Infographic: IT Audit Tech Risks in the Tech, Media & Telecom Industries Cybersecurity, privacy, data and resilience dominate the top technology challenges for technology, media and telecommunications (TMT) organisations, according to the annual ISACA/Protiviti Global Survey of IT audit leaders and professionals. These issues, which already were top-of-mind risks for most organisations, have been fueled further by pandemic-driven times of remote work… Podcast September 22, 2025 FPS Podcast | CMMC Rule is Out - What Contractors Must Know With DOD Contracts On September 10th, 2025 the "CMMC Final Rule" was published in CFR48. After about seven years of starts and stops, determining Level classifications, the number of controls and compliance needed, CMMC certification is now set to be in certain DOD contracts starting November 10th. Cost of compliance has varied greatly, but when dealing with FCI and CUI data, this certification will protect that… Client Story October 21, 2024 Enhancing Consent Management with OneTrust Protiviti and OneTrust helped a global software and IT solutions provider enhance its consent management processes, ensuring regulatory compliance. Whitepaper June 1, 2022 How can an enterprise use access management to establish a Zero Trust environment? A hybrid RBAC, ABAC and PBAC framework is the best practice approach A strong access management programme is foundational to establishing a Zero Trust environment by using contextual information to continuously validate that users are who they say they are and by restricting user access to necessary resources only. Within the Zero Trust framework, identity governance and risk-based… Whitepaper July 13, 2021 How to implement an effective identity management strategy Identity management doesn’t happen overnight; there’s no “Easy” button to press, or magic snap-of-the-fingers instant fix. In fact, identity management has transformed into something far more complex than password authentication and simple security measures. It’s important to understand that jumping into a new technology instantaneously isn’t necessarily the right first step to ensuring a… Whitepaper July 12, 2021 Top 10 pitfalls of an IAM programme In spite of over 20 years of experience as an industry, Identity & Access Management (IAM) programmes continue to struggle — and with good reason. There is a lot that can go wrong with an IAM programme. Lack of funding, treating IAM like a project and not a programme, not having business buy-in, and trying to overly customise packaged software are all examples of significant challenges that… Video September 3, 2020 Cyber Risk Quantification FAQs Cyber risk quantification (CRQ) uses industry leading and highly vetted probabilistic models to more accurately describe the cyber security and technology-based risks facing an organisation. Tune in to Protiviti's subject matter experts answer 15 frequently asked questions about CRQ. Load More
