Insight Search Search Submit Sort by: Relevance Date Search Sort by RelevanceDate Order AscDesc Whitepaper May 9, 2024 SIFMA’s Quantum Dawn VII After-Action Report The latest iteration of SIFMA’s biannual cybersecurity exercise focused on the outage of a critical third-party service provider. The simulation and concluding survey found many financial institutions are already experienced with the loss of a critical third-party, with protocols established for managing the outage. In this after-action report, we look at the lessons learned from the Quantum Dawn… Infographic June 3, 2024 Infographic | SIFMA’s Quantum Dawn VII Quantum Dawn VII is the latest iteration of SIFMA's biannual cybersecurity exercise focused on the outage of a critical third-party service provider (CTP). The simulation and concluding survey found many financial institutions are already experienced with the loss of CTPs, with protocols established for managing the outage. With such outages increasingly commonplace and regulators holding firms… Podcast September 22, 2025 FPS Podcast | CMMC Rule is Out - What Contractors Must Know With DOD Contracts On September 10th, 2025 the "CMMC Final Rule" was published in CFR48. After about seven years of starts and stops, determining Level classifications, the number of controls and compliance needed, CMMC certification is now set to be in certain DOD contracts starting November 10th. Cost of compliance has varied greatly, but when dealing with FCI and CUI data, this certification will protect that… Newsletter February 12, 2021 Implementing Operational Resilience Across the Organisation: An Essential Checklist Like any enterprisewide organisational change, implementing an operational resilience programme across an organisation requires a careful and collaborative effort to be successful. Whether implementation has been in the works for several years or is just beginning, turning the resilience programme from concept to reality is hard work. Except for the most dynamic and change-… Whitepaper March 28, 2022 Urbanisation des activités du RSSI Travail à distance, cyber attaque, guerre asymétrique, fuite de données : les enjeux de la cyber sécurité sont de plus en plus importants. Certes, les investissements au sein des entreprises sont réels mais les attentes du management et des parties prenantes internes et externes sont de plus en plus présentes et les réponses attendues pour les actifs clés se doivent d’être relativement binaires,… Whitepaper August 1, 2022 Protecting the Enterprise: How a Well-Designed Security Analytics Programme Can Help The purpose of security analytics in an organisation Security metrics and the analysis of security information can be challenging concepts even for leading organisations. As information security professionals, most of us have been taught that in order to have a mature information security function we must both document and measure the organisation’s security capabilities. If policies are the… Newsletter December 19, 2024 Compliance Insights For 2025 we asked a larger-than-usual group of Protiviti colleagues across the globe to help identify the most pressing compliance issues in their market. Artificial intelligence, financial crime, privacy and security, operational resilience, third party risk management, consumer protection, compliance function optimization, and resourcing were identified as priorities in all regions. Newsletter September 29, 2023 Private Equity Insights Q3 2023 In our latest issue of Private Equity Insights, we offer Protiviti’s latest thinking on ESG issues – specifically, assessing sustainability through an investment and value creation lens. We offer further thoughts on AI (including generative AI) from the board’s and the CFO’s point of view, and we bring the general counsel into the mix through an informative discussion on building legal operations… Whitepaper March 22, 2019 Evaluation de la Sécurité des Données, des Applicatifs et des Infrastructures L’interface applicative n’est que la partie émergée de l’iceberg!Comprendre les défaillances des environnements applicatifs et des infrastructures doit être une priorité pour les intervenants opérationnels ainsi que pour le management.Les applications sont des interfaces d’accès et de traitements des données (métiers, personnelles, …) et ne sont que la partie visible d’un Système d’Information (… Whitepaper March 22, 2019 Data, Application & Infrastructure Security Risk Assessment Let’s explore the Iceberg!Understanding gaps in how your applications and infrastructure protect your data is a priority for both Operations and Executives.Application interface is only the tip of the IcebergApplication are interfaces used to access and process data (business or personal) and are only the visible part of a more complex IT landscape. Load More
