- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By 
Adrianne Appel2023-10-11T20:21:00
Businesses unnecessarily storing massive amounts of useless data create a “data hoarding” situation hackers love to exploit, according to a cybersecurity expert.
On average, two-thirds of the data stored by businesses is not needed and should be destroyed, said Tim Ayling, vice president of cybersecurity for Europe, Middle East, and Africa at information technology security company Imperva. Holding on to data creates vulnerabilities for businesses by giving cyberattackers more avenues to access an organization’s computer systems.
The more data a business has, the broader its attack surface is, meaning there are more possible vulnerabilities available for a hacker to exploit. If hackers can get access anywhere on a system, it might allow them to gain entry to other areas and extract other data they want.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec. Select an option and click continue.
Annual Membership $499 Value offer
Full price one year membership with auto-renewal.
Membership $599
One-year only, no auto-renewal.
The United States and United Arab Emirates finalized an agreement to work together to safeguard the financial sector from cyberattacks.
The furor over NatWest Group’s decision to monitor and close the account of right-wing Brexit campaigner Nigel Farage—and then disclose the details to a journalist—has raised questions regarding whether other banks employ the same means to get rid of undesirable customers.
Draft risk assessment regulations under the California Consumer Privacy Act are designed to prohibit businesses from handling consumer data if uncontrolled risks—to the security and privacy of the consumer, the public, or the business—outweigh the benefits.
When the DOJ released its revised Evaluation of Corporate Compliance Programs, it turned some heads. Tucked into a section on risk assessments was a strongly worded series of questions that appeared to shoulder compliance teams with the responsibility for ensuring the safe use of AI tools by their firms.
The Department of Justice’s Evaluation of Corporate Compliance Programs has made the importance of artificial intelligence governance frameworks clear, but it didn’t say what role compliance should play. Here’s the answer.
The U.S. Department of the Treasury’s Financial Crimes Enforcement Network issued an alert to financial institutions about their obligations to report deepfakes, warning artificial intelligence has given bad actors additional tools in their arsenal.
