• Search in Protiviti.com

Cybersecurity

Collection

Cybersecurity Collection Hero

Cyber resilience is an organisation’s ability to detect, prevent, respond, recover and learn from cybersecurity disruptions.  Our cybersecurity collection explores common issues,  trends and what organisations must do to prepare proactive and reactive solutions to and keep your assets safe.

Cybersecurity Collection Hero
Flash Report

Flash Report

July 31, 2023

SEC Cybersecurity Disclosure Enhancements: Efforts to Boost Investor Confidence

On 26 July 2023, the U.S. Securities and Exchange Commission (SEC) adopted amendments1 to its rules on cybersecurity risk management, strategy, governance and incident reporting by public companies subject to the reporting requirements of the Securities Exchange Act of 1934. The SEC’s view is that cybersecurity threats and incidents pose an ongoing risk to public...
Learn More

Featured Insights

2023 IT Security Survey
SURVEY March 29, 2023

The Innovation vs. Technical Debt Tug of War

Technology leaders are exploring new ways to drive innovation and maximise the value of IT in a changing world driven by disruption and a need for...
Flash Report
FLASH REPORT March 9, 2023

New White House Cybersecurity Strategy Creates Additional Concerns for Businesses

The White House recently released a comprehensive national cybersecurity strategy that is sure to have a major impact on government agencies as well...
ISO 27001:2022 - Key Changes
WHITEPAPER February 21, 2023

ISO 27001: 2022 - Key Changes and Approaches to Transition

This article will address the changes and updates to ISO 27001 standard published on October 25, 2022, and the approaches organizations can take to...
Podcast | IT Audit Perspectives on Today’s Top Technology Risks
PODCAST January 11, 2023

Podcast | IT Audit Perspectives on Today’s Top Technology Risks

The greatest IT audit concerns lie with cybersecurity-related breaches and related risk issues. Data governance and data integrity are being...
2023 IT Security Survey
SURVEY March 29, 2023

The Innovation vs. Technical Debt Tug of War

Technology leaders are exploring new ways to drive innovation and maximise the value of IT in a changing world driven by disruption and a need for...
Flash Report
FLASH REPORT March 9, 2023

New White House Cybersecurity Strategy Creates Additional Concerns for Businesses

The White House recently released a comprehensive national cybersecurity strategy that is sure to have a major impact on government agencies as well...
ISO 27001:2022 - Key Changes
WHITEPAPER February 21, 2023

ISO 27001: 2022 - Key Changes and Approaches to Transition

This article will address the changes and updates to ISO 27001 standard published on October 25, 2022, and the approaches organizations can take to...
Podcast | IT Audit Perspectives on Today’s Top Technology Risks
PODCAST January 11, 2023

Podcast | IT Audit Perspectives on Today’s Top Technology Risks

The greatest IT audit concerns lie with cybersecurity-related breaches and related risk issues. Data governance and data integrity are being...

Managed Security Services

A Guide to pen testing and red teaming: What to know now
BLOGS June 19, 2023

A Guide to pen testing and red teaming: What to know now

Penetration testing and red teaming are essentialcybersecuritypractices that bolster an organization’s security posture by uncovering...
Achieving Diversity’s Benefits in Cybersecurity
BLOGS April 19, 2023

Achieving Diversity’s Benefits in Cybersecurity

Could any security organisation benefit from greater innovation? Or from responding more effectively to diverse internal customers? How about...
Protecting the Enterprise: How a Well-Designed Security Analytics Program Can Help
WHITEPAPER August 1, 2022

Protecting the Enterprise: How a Well-Designed Security Analytics Programme Can Help

The purpose of security analytics in an organisation Security metrics and the analysis of security information can be challenging concepts even for...
How can an enterprise use access management to establish a Zero Trust environment?
WHITEPAPER June 1, 2022

How can an enterprise use access management to establish a Zero Trust environment?

A hybrid RBAC, ABAC and PBAC framework is the best practice approach A strong access management programme is foundational to establishing a Zero...
A Guide to pen testing and red teaming: What to know now
BLOGS June 19, 2023

A Guide to pen testing and red teaming: What to know now

Penetration testing and red teaming are essentialcybersecuritypractices that bolster an organization’s security posture by uncovering...
Achieving Diversity’s Benefits in Cybersecurity
BLOGS April 19, 2023

Achieving Diversity’s Benefits in Cybersecurity

Could any security organisation benefit from greater innovation? Or from responding more effectively to diverse internal customers? How about...
Protecting the Enterprise: How a Well-Designed Security Analytics Program Can Help
WHITEPAPER August 1, 2022

Protecting the Enterprise: How a Well-Designed Security Analytics Programme Can Help

The purpose of security analytics in an organisation Security metrics and the analysis of security information can be challenging concepts even for...
How can an enterprise use access management to establish a Zero Trust environment?
WHITEPAPER June 1, 2022

How can an enterprise use access management to establish a Zero Trust environment?

A hybrid RBAC, ABAC and PBAC framework is the best practice approach A strong access management programme is foundational to establishing a Zero...

Data Protection

The Evolution of Attacker Behavior: 3 Case Studies
BLOGS January 13, 2023

The Evolution of Attacker Behavior: 3 Case Studies

This blog post was authored by Mike Ortlieb, Director, Security and Privacy andChris Porter, Associate Director, Security and Privacy on&nbsp...
For $62.59, the 8 Character Password is Still DeadFor $62.59, the 8 Character Password is Still Dead
BLOGS January 11, 2023

For $62.59, the 8 Character Password is Still Dead

Five years ago, we wrote a post called “The 8 Character Password is Dead,” which was an in-depth look at password cracking in 2017 and how eight...
PCI Security Standards Council Publishes New Versions of Self-Assessment Questionnaires
WHITEPAPER June 24, 2022

PCI Security Standards Council Publishes New Versions of Self-Assessment Questionnaires

On April 29, 2022, the PCI Security Standards Council (PCI SSC) released new versions of the PCI DSS Self-Assessment Questionnaires (SAQs) ahead of...
PCI security standards council
WHITEPAPER April 21, 2022

PCI Security Standards Council publishes updated data security standard

DSS 4.0 addresses rapidly evolving threat environment and provides flexibility for how organisations can achieve compliance On March 31, 2022, the...
The Evolution of Attacker Behavior: 3 Case Studies
BLOGS January 13, 2023

The Evolution of Attacker Behavior: 3 Case Studies

This blog post was authored by Mike Ortlieb, Director, Security and Privacy andChris Porter, Associate Director, Security and Privacy on&nbsp...
For $62.59, the 8 Character Password is Still DeadFor $62.59, the 8 Character Password is Still Dead
BLOGS January 11, 2023

For $62.59, the 8 Character Password is Still Dead

Five years ago, we wrote a post called “The 8 Character Password is Dead,” which was an in-depth look at password cracking in 2017 and how eight...
PCI Security Standards Council Publishes New Versions of Self-Assessment Questionnaires
WHITEPAPER June 24, 2022

PCI Security Standards Council Publishes New Versions of Self-Assessment Questionnaires

On April 29, 2022, the PCI Security Standards Council (PCI SSC) released new versions of the PCI DSS Self-Assessment Questionnaires (SAQs) ahead of...
PCI security standards council
WHITEPAPER April 21, 2022

PCI Security Standards Council publishes updated data security standard

DSS 4.0 addresses rapidly evolving threat environment and provides flexibility for how organisations can achieve compliance On March 31, 2022, the...

Security Resilience

Cyber risk quantification for chaos management
BLOGS July 31, 2023

Cyber risk quantification for chaos management

The most important use of any risk assessment tool is that it must contribute to better decision making on how to manage individual risks. Whether...
Metrics’ role in cyber transformation
BLOGS June 30, 2023

Metrics’ role in cyber transformation

We’ve all heard the saying, “what gets measured gets done,” meaning that regular measurement and reporting helps to keep organisations focused on the...
Creating a resilient cybersecurity strategy: The governance lifecycle approach
BLOGS May 5, 2023

Creating a resilient cybersecurity strategy: The governance lifecycle approach

Cybersecurity governance should do more than manage cyber risk. Goodcybersecuritygovernance creates efficiencies by clarifying the...
Enhancing cyber capabilities using a threat-driven strategy
BLOGS April 21, 2023

Enhancing cyber capabilities using a threat-driven strategy

Senior leaders focused oncybersecurityrecognise there is considerable guidance, best practices, frameworks, regulations and varied...
Cyber risk quantification for chaos management
BLOGS July 31, 2023

Cyber risk quantification for chaos management

The most important use of any risk assessment tool is that it must contribute to better decision making on how to manage individual risks. Whether...
Metrics’ role in cyber transformation
BLOGS June 30, 2023

Metrics’ role in cyber transformation

We’ve all heard the saying, “what gets measured gets done,” meaning that regular measurement and reporting helps to keep organisations focused on the...
Creating a resilient cybersecurity strategy: The governance lifecycle approach
BLOGS May 5, 2023

Creating a resilient cybersecurity strategy: The governance lifecycle approach

Cybersecurity governance should do more than manage cyber risk. Goodcybersecuritygovernance creates efficiencies by clarifying the...
Enhancing cyber capabilities using a threat-driven strategy
BLOGS April 21, 2023

Enhancing cyber capabilities using a threat-driven strategy

Senior leaders focused oncybersecurityrecognise there is considerable guidance, best practices, frameworks, regulations and varied...

Security Architecture

Simple is secure: Streamlining smart contract design
BLOGS July 31, 2023

Simple is secure: Streamlining smart contract design

For security teams looking to implement and design smart contracts, there are many intricacies and nuances that can be overwhelming. Using established...
Smart contracts part 1: What is a smart contract?
BLOGS July 14, 2023

Smart contracts part 1: What is a smart contract?

In recent years, there’s been considerable talk of blockchain and its use cases in the business world. While some of these topics have specific use...
Cybersecurity risk assessments vs. gap assessments: Why both matter
BLOGS July 14, 2023

Cybersecurity risk assessments vs. gap assessments: Why both matter

This blog post was authored by Rob Woltering - Associate Director, Security and Privacy on the technology insights blog. As cybersecurity incidents...
3 Steps to Understanding IAM Challenges in Securing the DevSecOps Ecosystem
BLOGS April 6, 2023

3 Steps to Understanding IAM Challenges in Securing the DevSecOps Ecosystem

DevSecOps is an organisational software engineering culture and practice that aims at unifying software development (Dev), application security (Sec),...
Simple is secure: Streamlining smart contract design
BLOGS July 31, 2023

Simple is secure: Streamlining smart contract design

For security teams looking to implement and design smart contracts, there are many intricacies and nuances that can be overwhelming. Using established...
Smart contracts part 1: What is a smart contract?
BLOGS July 14, 2023

Smart contracts part 1: What is a smart contract?

In recent years, there’s been considerable talk of blockchain and its use cases in the business world. While some of these topics have specific use...
Cybersecurity risk assessments vs. gap assessments: Why both matter
BLOGS July 14, 2023

Cybersecurity risk assessments vs. gap assessments: Why both matter

This blog post was authored by Rob Woltering - Associate Director, Security and Privacy on the technology insights blog. As cybersecurity incidents...
3 Steps to Understanding IAM Challenges in Securing the DevSecOps Ecosystem
BLOGS April 6, 2023

3 Steps to Understanding IAM Challenges in Securing the DevSecOps Ecosystem

DevSecOps is an organisational software engineering culture and practice that aims at unifying software development (Dev), application security (Sec),...

Content Collections

Technology Industry

Collection
A curated collection of topics, trends and insights to help technology, media and telecom (TMT) industry organisations face today's challenges and opportunities. For any critical point in a company's growth, explore Protiviti's insights and...

Read More

 

Board and C-Suite Leadership

Collection
Explore challenges and areas of interest for boards of directors around the world. From environmental, social and governance (ESG) matters to fulfilling the board’s vital risk oversight mandate, this collection provides practical insights and guidance for new and experienced board members alike.

Learn More

 

Audit & Risk Management

Collection
Protiviti leaders and subject-matter experts from around the world provide insights on key issues facing organisations in our dynamic, challenging and competitive global business climate. Our world-class internal audit and risk assessment experience provides a wealth of information and data to help you meet future challenges....

Read More

 
Loading...