Cybersecurity
Collection

Cyber resilience is an organization’s ability to detect, prevent, respond, recover and learn from cybersecurity disruptions. Our cybersecurity collection explores common issues, trends and what organizations must do to prepare proactive and reactive solutions to and keep your assets safe.

Featured Insights

The shift to zero trust
The future of organisations will be built on the ability to work securely from anywhere, using any device at any time. This was made clear during the...

Protecting the Enterprise: How a Well-Designed Security Analytics Program Can Help
The purpose of security analytics in an organisation
Security metrics and the analysis of security information can be challenging concepts even for...

The Post-Quantum Cryptography Conundrum
Business leaders may have heard of quantum computing, but many are not yet aware of its incipient threat to cryptography and cryptocurrency. When...

Cybersecurity and Data Privacy: 7 Challenges for CFOs to Address
Along with their peers in the C-suite, CFOs have treated cybersecurity and data privacy as top strategic priorities for several years. Increasingly,...
Managed Security Services

Ransomware: Analysing Risk and Protecting Critical Assets
Ransomware is a current threat many people are struggling to understand and manage. Amid the headlines and uncertainty, how can the board respond...

Risk and the Board of Directors: From Bordeaux to Today, What’s Old Is New
On January 25, 2022, Gary Gensler, chairman of the U.S. Securities and Exchange Commission (SEC), on his YouTube channel “Office Hours with Gary...

Vulnerability Management: We’ve Been Doing It All Wrong
Vulnerability management is a discipline that many organizations struggle with due to one simple factor: complexity. Today, organizations manage...

5 Considerations for Purchasing ‘Cyber Insurance 2.0’ Policies
Organizations attempting to buy or renew cyber insurance policies confront an imposing mix of challenges, changes and value-added services. A volatile...
Data Protection

PCI Security Standards Council Publishes New Versions of Self-Assessment Questionnaires
On April 29, 2022, the PCI Security Standards Council (PCI SSC) released new versions of the PCI DSS Self-Assessment Questionnaires (SAQs) ahead of...

Is Your Loyalty Program Compliant With CCPA?
For organizations that sell directly to consumers, loyalty programs can be an effective method for increasing revenue and encouraging brand loyalty....

Federal Trade Commission Commercial Surveillance and Data Security Proposed Rulemaking
Commercial surveillance is the practice of collecting and analyzing information about people for profit. Over the past months, the U.S. Federal Trade...

Framing the Data Privacy Discussion in the Boardroom
Data proliferation and data privacy regulatory activity across the globe have created the need for focused boardroom discussions.
While...
Security Resilience

Building Resilience in the Cloud
In 2019, AFME published its first paper on the adoption of public cloud in capital markets[1]. Since then, the adoption of cloud has continued to...

Quantitative Cyber Risk Management 101: Baselining and Baseline Cycling
Cyber risk is a growing threat to organizations of all shapes and sizes. Cyber risk quantification allows organizations to better understand the...

Artificial Intelligence: Can Humans Drive Ethical AI?
Artificial intelligence (AI) is a powerful technology that’s driving innovation, boosting performance, and improving decision-making and risk...

How to Talk to Boards About Ransomware And Risk
Anyone who follows the news is already aware of the persistent threat of ransomware events. Board members are certainly aware, and they know what...
Security Architecture

Strong, flexible identity and access management, built collaboratively
Solving complex identity and access management issues for an organisation often requires finesse, collaboration and the ability to creatively meet the...

Balancing Opportunity and Risk: Security for RPA Platforms
Robotic process automation (RPA) was first used to execute predetermined, rules-based tasks twenty or so years ago. Since then, RPA has functioned as...

Identifying Components of a Secured AWS Foundation
Amazon Web Services (AWS) provides several ways for organizations to securely adopt, develop and manage their AWS environments, including the security...

3 Steps to Understanding IAM Challenges in Securing the DevSecOps Ecosystem
DevSecOps is an organizational software engineering culture and practice that aims at unifying software development (Dev), application security (Sec),...