The RE: View April 21-May 7, 2014
May 12, 2014 7:00am
The RE: View is a bimonthly look back at the headlines that caught the attention of our RE: Cyber contributors that senior executives and Board members should consider when assessing and managing cyber risk.
May 7, 2014
10 talking points about cybersecurity and your business, The Guardian
The number one takeaway from a recent cybersecurity conference: size doesn’t matter; you’re never too small to be attacked. Another key point: cybersecurity is not just a technology issue; culture and education are keys to cybersecurity. Read the full article for additional cybersecurity tips.
May 7, 2014
Companies need to move away from programs designed to "check the box" for security compliance to programs focusing on risk and which behaviors can reduce that risk.
May 6, 2014
CEOs beware: data breaches can now cost you your job. The removal of Target CEO Gregg Steinhafel shows Boards are willing to hold executives accountable for data breaches. A lesson learned: develop a strategy to deal with a breach before it happens.
May 2, 2014
Why Ignoring the NIST Framework Could Cost You, Huffington Post
The NIST Cybersecurity Framework was developed to enhance cybersecurity without enacting binding regulatory requirements. However, negligence lawsuits could use the Framework to shape reasonable standards of cybersecurity.
April 29, 2014
Data breaches can affect your bottom line. A Javelin Strategy & Research survey shows that one-third of consumers stop shopping at retailers that have been breached and nearly one-third leave their healthcare providers after a breach.
April 24, 2014
AIG cyber insurance covers bodily harm, CNNMoney
Consider cybersecurity insurance as part of your risk mitigation strategy. Cyber insurance products continue to evolve as evidenced by AIG’s recent expansion of its cyber insurance to cover property and bodily damage.
April 21, 2014
The SEC is planning to review the cyber polices of broker-dealers and investment advisors to determine whether they are prepared for potential cyber threats. Investment advisors, small or large, need to make sure your tools policies regarding governance, risk identification and assessment, network and data security controls, remote access and third party cyber risks are up to snuff.