Top concerns for audit executives? Cyber risks and data governance
As organizations continue to collect customer and employee data, chief audit executives (CAEs) are increasingly concerned about how to govern and protect it. Gartner conducted …
compliance
What financial records do companies need to keep, and for how long?
Companies generate stacks of documents and managing them correctly is crucial. It can be complicated to balance organizational requirements, employee interests, and legal …
Defining risk controls that actually work
Previously, we looked at practical ideas for conducting the complex information security risk assessments that all enterprises should regularly perform. The right methodology …
Examining security process maturity in 400 organizations
There’s an overall failure in maturity of security processes of over 400 organizations in industries ranging from e-commerce, retail and payment processor to …
Companies unprepared to deal with mobile attacks, synthetic identity fraud, CCPA compliance
There is a growing impact of large-scale data breaches and fraud on consumer trust and the critical need for businesses to balance the digital consumer experience with strong …
Rapid SaaS adoption compounds visibility concerns
The stakes are higher than ever to ensure that their organizations are protected from a security and compliance perspective, but new survey data from Blissfully shows that IT …
Being compliant with laws and regulations is not a guarantee against data breaches
Compliance is not a guarantee against data breaches. These are the results of the Advisera survey carried out with 605 respondents, coming from countries on five continents, …
Security and compliance gaps of ineffective employee onboarding and offboarding
There are significant gaps in the compliant management of employee resources throughout the employment lifecycle. Just 15% of employees have all the resources they require to …
Assessing risk: Measuring the health of your infosec environment
There is an uncomfortable truth that many organizations are not conducting comprehensive assessments of their information security risk; or those that do aren’t getting much …
Companies vastly overestimating their GDPR readiness, only 28% achieving compliance
Over a year on from the introduction of the General Data Protection Regulation (GDPR), the Capgemini Research Institute has found that companies vastly overestimated their …
Organizations continue to struggle with privacy regulations
Many organizations’ privacy statements fail to meet common privacy principles outlined in GDPR, CCPA, PIPEDA, including the user’s right to request information, to …
Only one quarter of retail banks have adopted an integrated approach to financial crime systems
Most banks plan to integrate their fraud and financial crime compliance systems and activities in response to new criminal threats and punishing fines, with the U.K. leading …