Results for Search Submit Filter by: Advanced Filter All results Solutions Industry Typelist People Client Story Insights/Blogs Filter Search Sort by RelevanceDate Order AscDesc Blog February 7, 2014 More on the Five Lines of Defense In January, I commented on this page regarding how an effectively designed and implemented lines-of-defense framework can provide strong safeguards against breakdowns in risk management and compliance management. The traditional lines-of-defense model has emphasized three lines of defense – (1) business unit management and process owners, (2) independent risk management and compliance functions,… Blog February 10, 2014 PreView-ing Today’s Emerging Risks We want to share a heads up with you regarding a new Protiviti newsletter that we’re very excited about. We’ve just published the first edition of PreView, which will be a quarterly review of emerging risks likely to have a strategic impact on organizations over the long term. Our focus in issuing PreView is on helping organizations ask the right questions rather than provide answers. Therefore,… Blog February 20, 2014 Ethics in Corporate Governance: “Walking the Talk” If it’s true you can’t legislate morality – and all evidence, including but certainly not limited to corporate malfeasance such as the Enron and Worldcom scandals or the questionable corporate behavior of reckless risk-taking to maximize short-term profits and compensation (under “heads I win, tails you lose” compensation structures that left shareholders with the short stick) that contributed to… Blog February 28, 2014 Cybersecurity Framework: Where Do We Go From Here? Protiviti just published a Flash Report on the National Institute of Standards and Technology’s (NIST) final version of its Framework for Improving Critical Infrastructure Cybersecurity. I highly recommend that anyone involved in cybersecurity in their organization become familiar with the NIST Framework by reading our report. This framework could end up being the new game in town. Just over a… Blog March 7, 2018 Understanding Server Message Block from the Ground Up The Server Message Block (SMB) is an integral part of any successful organization’s technology assets. In this blog post, we’ll take an easily digestible look at SMB, including its history, why and how it is used and what SMB is used for during penetration tests. SMB was first referenced as “IBM PC Network SMB Protocol” in a 1985 document by IBM, and in 1987 as “Microsoft Networks/OpenNet-FILE… Blog March 7, 2018 Saving Analytical Data Without Violating GDPR With an effective date less than four months away, the General Data Protection Regulation (GDPR), known officially as "REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016," is becoming a pressing concern for companies inside and outside the European Union (EU). Broadly, the regulation specifies that personal data protection of natural persons residing in… Blog March 8, 2018 Security Advisory: Meltdown and Spectre – Processor Flaws Expose Networks to New Class of Vulnerabilities Security researchers have identified a flaw, present in most computer processors, that allows unauthorized disclosure of information. The flaw, which affects most major processor manufacturers, is the first known instance of a security vulnerability at the processor level, and could be exploited in servers, workstations (including laptops), network infrastructure, mobile devices, IoT devices and… Blog March 12, 2018 New IT Security Awareness Learning Library Designed to Help Workers Become Frontline Cyber Defenders for Their Employers Taking advantage of a user’s poor security practices is often a critical first step for malicious hackers or other cybercriminals seeking to compromise an organization’s systems and data. More than 80 percent of hacking-related breaches leveraged stolen or weak passwords, according to research for the 2017 Data Breach Investigations Report from Verizon. The report also says that about… Blog March 14, 2018 Undetected Breaches and Ransomware Change How We Think About Cybersecurity Undetected Breaches and Ransomware Change How We Think About Cybersecurity As new possibilities in information technology continue to transform organizations, they may outpace any cybersecurity protections already in place. Controls that seemed adequate yesterday might not be equal to the challenges presented by new technology and ever-evolving threats today. Our issue of Board Perspectives:… Blog March 19, 2018 Recent Roundtable Perspectives on Cloud Security As cloud adoption accelerates within well-established businesses and emerges across nearly all industries and company sizes, security executives have been presented with thematic challenges to managing cloud governance, security, and regulatory risk. Protiviti recently held a roundtable of Chicago-area CISOs and Security Leaders to discuss the thematic challenges, share strategies, and gain… Load More
