News and analysis for the well-informed compliance or audit exec.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By Kyle Brasseur2023-02-23T18:36:00
The increase in cyber incidents and data breaches over the last few years has been instructive for prudent businesses seeking to learn from the headlines to enhance their own systems. The same can be said for the bad actors carrying out such attacks.
For every informative takeaway gleaned from high-profile events like the Colonial Pipeline ransomware attack in May 2021 comes a lesson of equal importance for cybercriminals. Sure, the Department of Justice seized approximately $2.3 million of the $4.4 million ransom payment Colonial Pipeline made to its hackers, but the company still made the initial payment. The way the attackers leveraged Colonial Pipeline’s importance to East Coast fuel supplies to coerce the company’s leadership into believing paying up was its “duty … to the American public” serves as a template for other hackers to follow when considering their manipulation tactics.
To this point, a session at Compliance Week’s virtual Cyber Risk & Data Privacy Summit last week sought to provide attendees best practices for combating ransomware attacks. The discussion was modeled around CW’s ransomware attack case study published last winter.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
2023-03-10T19:32:00Z By Aaron Nicodemus
Software company Blackbaud agreed to pay $3 million to the Securities and Exchange Commission to settle claims it violated securities law by failing to disclose the true scope of a ransomware attack that affected 13,000 users.
2023-02-24T21:33:00Z By Aly McDevitt
A panel of cyber experts and a chief compliance officer in financial services discussed the business risks, threat vectors, and vendor ‘gotchas’ associated with transitioning to a cloud provider at CW’s virtual Cyber Risk & Data Privacy Summit.
2023-02-24T20:10:00Z By Adrianne Appel
Securing your organization’s private data when vendors have access to it means managing relationships from beginning to end, panelists at CW’s virtual Cyber Risk and Data Privacy Summit agreed.
2024-06-17T21:11:00Z By Jeff Dale
Top-of-mind issues addressed at Compliance Week’s Third-Party Risk Management & Oversight Summit, held June 3-4 in Atlanta, included safe deployment of artificial intelligence, assessing vendor viability and sustainability, understanding the role of procurement in risk ranking, the intersection (or lack thereof) between data privacy and cybersecurity, and many others.
2024-05-22T16:29:00Z By Aly McDevitt
Anne Morriss, co-author of “Move Fast and Fix Things,” advises compliance officers to tap into curiosity, communicativeness, and comfort with discomfort to build organizational trust, fast.
2024-05-16T13:43:00Z By Kyle Brasseur
Regulators and government agencies often speak to the value of empowered corporate compliance programs to advancing their mission. Why not practice what they preach by empowering compliance among their own ranks?
Site powered by Webvision Cloud