Insight Search

Sort by:
  • In Focus

    July 19, 2024
    U.S. District Judge Paul Engelmayer has dismissed most of the charges made by the U.S. Securities and Exchange Commission (SEC) against software company and 2020 cyberattack victim SolarWinds and its chief information security officer (CISO), Tim Brown. In its original lawsuit, filed in October 2023, the SEC alleged that SolarWinds had defrauded investors by concealing security weaknesses in its…
  • Podcast

    March 13, 2024
    In this special edition of the Protiviti Legal Perspectives podcast series, we delve into the complexities of new data protection and cybersecurity government regulations in the defense industry with Alexander W. Major, Partner, McCarter & English and Perry Keating, President of Protiviti Government Services. The Cybersecurity Maturity Model Certification (CMMC) was recently promulgated,…
  • Podcast

    September 22, 2025
    On September 10th, 2025 the "CMMC Final Rule" was published in CFR48. After about seven years of starts and stops, determining Level classifications, the number of controls and compliance needed, CMMC certification is now set to be in certain DOD contracts starting November 10th. Cost of compliance has varied greatly, but when dealing with FCI and CUI data, this certification will protect that…
  • Whitepaper

    June 1, 2022
    A hybrid RBAC, ABAC and PBAC framework is the best practice approach A strong access management program is foundational to establishing a Zero Trust environment by using contextual information to continuously validate that users are who they say they are and by restricting user access to necessary resources only. Within the Zero Trust framework, identity governance and risk-based…
  • Whitepaper

    July 13, 2021
    Identity management doesn’t happen overnight; there’s no “Easy” button to press, or magic snap-of-the-fingers instant fix. In fact, identity management has transformed into something far more complex than password authentication and simple security measures. It’s important to understand that jumping into a new technology instantaneously isn’t necessarily the right first step to ensuring a…
  • Whitepaper

    July 12, 2021
    In spite of over 20 years of experience as an industry, Identity & Access Management (IAM) programs continue to struggle — and with good reason. There is a lot that can go wrong with an IAM program. Lack of funding, treating IAM like a project and not a program, not having business buy-in, and trying to overly customize packaged software are all examples of significant challenges that can…
  • Client Story

    October 21, 2024
    Protiviti and OneTrust helped a global software and IT solutions provider enhance its consent management processes, ensuring regulatory compliance. 
  • Video

    September 3, 2020
    Cyber risk quantification (CRQ) uses industry leading and highly vetted probabilistic models to more accurately describe the cyber security and technology-based risks facing an organization. Tune in to Protiviti's subject matter experts answer 15 frequently asked questions about CRQ.
  • Podcast

    May 19, 2021
    Honeywell surprised the quantum computing world in 2020 by announcing the most powerful system on Earth at the time … then claiming they’d make it ten times more powerful within a year! Turns out that having a century of industrial research experience can come in handy when trying to alter the future of high-performance computing. In this episode, we talk with Justin Ging from Honeywell Quantum…
  • Podcast Transcript

    January 5, 2021
    In this episode, Kevin Donahue, a senior director with Protiviti speaks with Protiviti's associate director Justin Turner and manager Derek Dunkel-JahanTigh about security for industrial control systems, or operational technology. 
Loading...