- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By 
Jeff Dale2023-02-21T19:27:00
The former superintendent of the New York State Department of Financial Services explained how the structure of a cybersecurity program is like a compliance program and can be divided into four buckets during a panel discussion at Compliance Week’s virtual Cyber Risk & Data Privacy Summit.
Maria Vullo, now an adjunct professor of law at Fordham University, said a strong cybersecurity program is structured with prevention, protection, mitigation, and governance as the core pillars.
Vullo advised starting with a risk assessment, stressing prevention is a “foundational requirement” of any good cybersecurity framework but not necessarily something companies should set and forget.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec. Select an option and click continue.
Annual Membership $499 Value offer
Full price one year membership with auto-renewal.
Membership $599
One-year only, no auto-renewal.
Tailoring your risk assessments to guidance from your relevant regulators is a good idea, a panel of compliance practitioners speaking at Compliance Week’s 2023 National Conference agreed. But it certainly isn’t the place to start.
Four senior compliance practitioners discuss how their respective companies invest in compliance with varying data privacy requirements.
A panel of cyber experts and a chief compliance officer in financial services discussed the business risks, threat vectors, and vendor ‘gotchas’ associated with transitioning to a cloud provider at CW’s virtual Cyber Risk & Data Privacy Summit.
American Water Works Company, which supplies drinking water and wastewater to 14 million customers, disclosed a breach of its computer networks and system due to a cybersecurity incident.
The global average cost of a data breach jumped to an all-time high for the second year in a row, but companies can reel in the ballooning drag on profits by adopting artificial intelligence, according to an IBM report.
The U.S. Department of Energy released supply chain cybersecurity principles meant to help strengthen key technologies used to manage and operate electricity, oil, and natural gas systems.
