Insight Search Search Submit Sort by: Relevance Date Search Sort by Relevance Date Order Asc Desc Newsletter May 10, 2022 SIFMA Quantum Dawn VI A Decade of Testing and ResilienceOver the past 10 years, the Securities Industry and Financial Markets Association (SIFMA) has coordinated a series of industrywide resilience exercises known as Quantum Dawn. These exercises provide a forum for financial firms, regulatory bodies, central banks, law enforcement, government agencies, trade associations and information-sharing organisations to… Infographic June 3, 2024 Infographic | SIFMA’s Quantum Dawn VII Quantum Dawn VII is the latest iteration of SIFMA's biannual cybersecurity exercise focused on the outage of a critical third-party service provider (CTP). The simulation and concluding survey found many financial institutions are already experienced with the loss of CTPs, with protocols established for managing the outage. With such outages increasingly commonplace and regulators holding firms… Whitepaper May 9, 2024 SIFMA’s Quantum Dawn VII After-Action Report The latest iteration of SIFMA’s biannual cybersecurity exercise focused on the outage of a critical third-party service provider. The simulation and concluding survey found many financial institutions are already experienced with the loss of a critical third-party, with protocols established for managing the outage. In this after-action report, we look at the lessons learned from the Quantum Dawn… Whitepaper February 21, 2023 ISO 27001: 2022 - Key Changes and Approaches to Transition This article will address the changes and updates to ISO 27001 standard published on October 25, 2022, and the approaches organisations can take to implement the changes introduced. There have been significant advancements in technology, as well as an increase in the complexity of security threats since the last iteration of ISO 27001 was published on September 25, 2013. The changes introduced in… Whitepaper July 12, 2021 Top 10 pitfalls of an IAM programme In spite of over 20 years of experience as an industry, Identity & Access Management (IAM) programmes continue to struggle — and with good reason. There is a lot that can go wrong with an IAM programme. Lack of funding, treating IAM like a project and not a programme, not having business buy-in, and trying to overly customise packaged software are all examples of significant challenges that… Whitepaper June 1, 2022 How can an enterprise use access management to establish a Zero Trust environment? A hybrid RBAC, ABAC and PBAC framework is the best practice approach A strong access management programme is foundational to establishing a Zero Trust environment by using contextual information to continuously validate that users are who they say they are and by restricting user access to necessary resources only. Within the Zero Trust framework, identity governance and risk-based… Flash Report April 11, 2024 The American Privacy Rights Act of 2024: Could this framework become the data privacy panacea? On April 8, 2024, U.S. Representative Cathy McMorris Rodgers (R-WA) and U.S. Senator Maria Cantwell (D-WA) announced the American Privacy Rights Act. This act aims to establish a comprehensive set of rules that govern the usage of citizens' data. The bipartisan draft legislation seeks to create a national standard for data privacy and security, addressing the unregulated sale of online data.… Client Story May 23, 2024 Trusted Partnerships and Collaborative Efforts Drive Success in Data Privacy Initiatives We partnered with the client in building and maturing a data privacy program, including enhancing the company’s privacy rights process into a universal, globally scalable webform intake, 10+ custom workflows and an encrypted portal. Leveraged OneTrust autoblocking to establish baseline cookie compliance. Podcast Transcript January 5, 2021 Transcript - Building an Effective Industrial Control Systems Security Programme In this episode, Kevin Donahue, a senior director with Protiviti speaks with Protiviti's associate director Justin Turner and manager Derek Dunkel-JahanTigh about security for industrial control systems, or operational technology. In Focus November 4, 2024 New York DFS, White House issue guidance on AI‘s impact. What are the implications? During National Cybersecurity Month in October, both the New York State Department of Financial Services (DFS) and the Biden administration issued releases on the opportunities and risks of artificial intelligence (AI). The DFS’s Industry Letter focuses on the impact of AI on the cybersecurity landscape while the Biden administration released the first-ever National Security Memorandum (NSM) on… Load More