Results for Search Submit Filter by: Advanced Filter All results Solutions Industry People Client Story Insights/Blogs Filter Blog Security Advisory: Meltdown and Spectre – Processor Flaws Expose Networks to New Class of Vulnerabilities Security researchers have identified a flaw, present in most computer processors, that allows unauthorized disclosure of information. The flaw, which affects most major processor manufacturers, is the first known instance of a security vulnerability at the processor level, and could be exploited in servers, workstations (including laptops), network infrastructure, mobile devices, IoT devices and… Blog New IT Security Awareness Learning Library Designed to Help Workers Become Frontline Cyber Defenders for Their Employers Taking advantage of a user’s poor security practices is often a critical first step for malicious hackers or other cybercriminals seeking to compromise an organization’s systems and data. More than 80 percent of hacking-related breaches leveraged stolen or weak passwords, according to research for the 2017 Data Breach Investigations Report from Verizon. The report also says that about… Blog Undetected Breaches and Ransomware Change How We Think About Cybersecurity Undetected Breaches and Ransomware Change How We Think About Cybersecurity As new possibilities in information technology continue to transform organizations, they may outpace any cybersecurity protections already in place. Controls that seemed adequate yesterday might not be equal to the challenges presented by new technology and ever-evolving threats today. Our issue of Board Perspectives:… Blog Recent Roundtable Perspectives on Cloud Security As cloud adoption accelerates within well-established businesses and emerges across nearly all industries and company sizes, security executives have been presented with thematic challenges to managing cloud governance, security, and regulatory risk. Protiviti recently held a roundtable of Chicago-area CISOs and Security Leaders to discuss the thematic challenges, share strategies, and gain… Blog Even After Patching, Meltdown & Spectre Continue to be a Big Deal First, a recap of the vulnerability For the first time, performance-enhancing features of most modern processors (known as out-of-order superscalar execution, speculative prediction, and HW caching) were discovered to contain (as a unit) a flaw that allows unauthorized disclosure of information. The fact that this flaw is at the processor level differentiates it from other potential… Blog What’s Ahead in Vendor Assessments? Rapidly changing information security threats and regulatory requirements continue to put pressure on vendor risk management programs and capabilities for all organizations globally. We anticipate that the number and comprehensiveness of vendor assessments required of, and conducted by, organizations will continue to substantially increase in 2018 and into 2019 before the requests begin to… Blog With GDPR Deadline Looming, the First Step Is Discovery With the new EU General Data Protection Regulation (GDPR) scheduled to take effect on May 25, 2018, organizations with EU employees or customers need to be able to demonstrate compliance. GDPR expands the scope of previous EU regulations to include any data processor or data controller that collects, stores, or processes the personal data of EU residents. It mandates data portability,… Blog Six Elements to Strengthen Sustainability Environmental, social and governance issues are wide in their scope and important to address. So, how should firms begin to tackle them? Sustainability is one of the biggest challenges of our time, and one of the greatest opportunities. Solving the world’s environmental and social challenges will take collective action on a scale never seen before; but working towards solutions could lead to a… Blog Sustainable Operations: How Facilities Managers Can Achieve ESG Goals Part 1: Energy This blog post is Part 1 of a 3-part series focusing on energy, water and waste optimization in commercial facility management and industrial operations. Subscribe to The Protiviti View to follow the series. With growing interest from stakeholders and regulators, it’s becoming increasingly important for organizations to get their environmental, social and governance (ESG)… Blog Automate AWS Digital Identity and Access Management Review Often, there exists the need to perform one-time and regular reviews of Identity and Access Management (IAM) health to answer some of the basic, yet critical questions security professionals care about: Who is entitled to perform what actions against what resources? Are there orphan identities? Am I granting service access to identities that do not utilize them? Last accessed feature and… Load More
