Insight Search Search Submit Sort by: Relevance Date Search Sort by RelevanceDate Order AscDesc Blogs June 30, 2023 Metrics’ role in cyber transformation We’ve all heard the saying, “what gets measured gets done,” meaning that regular measurement and reporting helps to keep organisations focused on the information that matters. But with so many data points available to measure security, it is difficult to know where to begin. Security practitioners must constantly question what data they collect and why. Only by providing relevant measures can we… Blogs January 11, 2023 For $62.59, the 8 Character Password is Still Dead Five years ago, we wrote a post called “The 8 Character Password is Dead,” which was an in-depth look at password cracking in 2017 and how eight-character passwords do not adequately protect organisations. In that analysis, we broke down the math and how quickly hardware purchased for under $5,000 could make an eight-character length irrelevant. Unfortunately, in just five years’ time, the… In Focus November 4, 2024 New York DFS, White House issue guidance on AI‘s impact. What are the implications? During National Cybersecurity Month in October, both the New York State Department of Financial Services (DFS) and the Biden administration issued releases on the opportunities and risks of artificial intelligence (AI). The DFS’s Industry Letter focuses on the impact of AI on the cybersecurity landscape while the Biden administration released the first-ever National Security Memorandum (NSM) on… Whitepaper September 19, 2022 2022 IT Audit Technology Risks in Tech, Media & Telecom Survey Shows Elevated Concerns Around Cybersecurity, Privacy and Compliance for the Technology, Media and Telecom Industry For the technology, media and telecommunications (TMT) industry, the greatest IT audit concerns in 2022 lie with cybersecurity-related breaches, privacy and regulatory compliance. More than 1,000 IT audit leaders and professionals from the TMT industry provided this… Survey January 7, 2022 Three Conversation Starters That Advance CISO/CFO Collaboration The quality and, in some cases, the existence of the CISO/CFO relationship varies by company. In organisations where the CISO role is positioned and promoted as a source of value, CISOs and CFOs tend to collaborate more often and more meaningfully than in companies that treat information security as a cost center (and typically struggle with cybersecurity as a result). Protiviti’s 2021… Survey October 1, 2022 IT Audit Perspectives on Top Technology Risks Results of ISACA/Protiviti global survey reveal cybersecurity, privacy, data and regulatory compliance are top-of-mind concernsAn uncertain global economy, volatile geopolitical developments, a persistent pandemic and an evolving catalog of technology risks have created mounting challenges for IT audit leaders and their functions.The results of the latest IT Audit Technology Risks Survey from… Infographic September 1, 2021 Infographic: IT Audit Tech Risks in the Tech, Media & Telecom Industries Cybersecurity, privacy, data and resilience dominate the top technology challenges for technology, media and telecommunications (TMT) organisations, according to the annual ISACA/Protiviti Global Survey of IT audit leaders and professionals. These issues, which already were top-of-mind risks for most organisations, have been fueled further by pandemic-driven times of remote work… Blogs June 11, 2024 Key takeaways: New SEC cyber risk management disclosure rules While the ink is still drying on many 2023 Form 10-Ks, Protiviti has reviewed a subset of the filings to gauge how firms are responding to the U.S. Securities and Exchange Commission’s (SEC’s) amended Cybersecurity Disclosure Rule adopted in July 2023. Whitepaper July 22, 2021 The adoption of "Zero Trust" The future of organisations will be built on the ability to work securely from anywhere, using any device at any time. This was made clear during the COVID-19 pandemic, which forced millions of workers to work from home using company-owned or personal devices. As the velocity and persistence of cybersecurity attacks increase daily and digital transformation continues to be a priority for… In Focus July 19, 2024 SEC rebuked in SolarWinds decision. What does it mean? U.S. District Judge Paul Engelmayer has dismissed most of the charges made by the U.S. Securities and Exchange Commission (SEC) against software company and 2020 cyberattack victim SolarWinds and its chief information security officer (CISO), Tim Brown. In its original lawsuit, filed in October 2023, the SEC alleged that SolarWinds had defrauded investors by concealing security weaknesses in its… Load More
