All Training articles – Page 3
-
TrainingRansomware Attack: A scenario-based immersive learning
Take this self-directed, interactive immersive study of a fictional cyber event based on real-life scenarios to deepen your understanding of the importance of crisis management planning and put you in the shoes of a compliance leader during a ransomware attack.
-
TrainingOn-demand training: Everything you need to know about ESG but were afraid to ask
Take this self-directed, interactive course to deepen your understanding of the increasing importance of environmental, social, and corporate governance initiatives and how ESG planning processes can help manage risks and lead to better reporting outcomes.
-
ArticleBehavioral science: A tool for successful cultural change
Real cultural change requires an understanding of the drivers of human behavior. And the most effective means of grasping these drivers is through behavioral science.
-
ArticleMind your language: How small changes in phrasing make big differences
Risk and compliance professionals are tasked with trying to change attitudes and behaviors to achieve their goals. Subtle adjustments of emphasis and wording can have a significant impact on their success.
-
ArticleThe importance of maintenance and record-keeping
Stringent maintenance and record-keeping measures are part of the foundations of an effective compliance and risk management framework, so their neglect is as puzzling as it is unwise.
-
ArticleCW National 2022 Q&A: Krista Haugner Sieg on engaging compliance training
Krista Haugner Sieg, senior compliance training and communications leader at GE Healthcare, previews her workshop titled, “Making Engagement and Effectiveness a Reality - Building the Right Training for your Employees and Business,” at CW’s National Conference in Washington, D.C. from May 16-18.
-
ArticleCompliance implications of USAA order addressing AML lapses
The consent order issued by the Office of the Comptroller of the Currency against USAA Bank imparts lessons for compliance officers in the financial services industry on how—and how not—to maintain a Bank Secrecy Act/anti-money laundering compliance program.
-
ArticleTop 10 reasons to attend Compliance Week 2022
A keynote with two SEC commissioners; interactive sessions on global sanctions, ESG, and ethical leadership; and a new conference location and format highlight Dave Lefort’s list of reasons to be excited for CW’s first in-person event in nearly three years.
-
ArticlePwC Canada fined $950K for internal training exam cheating
The Canadian affiliate of Big Four audit firm PwC has agreed to pay $950,000 in penalties between audit regulators in the United States and Canada after discovering widespread cheating among employees taking internal exams.
-
ArticleCompany cybersecurity certifications: Business case and where to start
Rachael Pashkevich Koontz, senior corporate counsel of cybersecurity compliance at T-Mobile, shared her opinions on cybersecurity certifications and determining the right fit for certain organizations at CW’s virtual Cyber Risk & Data Privacy Summit.
-
PremiumEpilogue: What happened to Betsy?
The “patient zero” of fictional private utility company Vulnerable Electric’s ransomware crisis learns her fate.
-
PremiumChapter 4: Recovery and lessons learned post-ransomware attack
Whether fictional private utility company Vulnerable Electric pays the ransom or not in the aftermath of its cyber incident, the two pathways quickly splinter off in different directions with varied endings, each with important lessons to be learned.
-
PremiumRansomware case study glossary
The field of cybersecurity features a growing list of terminology to describe the many forms, channels, and motivations behind cyberattacks and hacking culture. Learn further definitions for some key terms featured throughout the ransomware case study.
-
PremiumChapter 3: Ransomware eradication prompts tough choice: To pay or not to pay?
No matter what, the deck is stacked against fictional private utility company Vulnerable Electric as it weighs whether to pay the $5 million ransom demanded by a cybercriminal who breached its systems. Which path do you take?
-
ArticleLRN survey: Shared elements of ‘high-impact’ ethics and compliance programs
Board engagement, changes to meet the needs of employees working remotely, simplified and searchable policies and procedures, and more were key among the traits of high-impact ethics and compliance programs as defined by LRN’s annual effectiveness report.
-
PremiumChapter 2, Part 2: Ransomware damage control and when to alert stakeholders
Systems at fictional private utility company Vulnerable Electric remain impacted in the aftermath of a ransomware attack, but the chief executive decides it’s time to be forthright with employees and customers.
-
PremiumChapter 2, Part 1: Containment key to ransomware defense
With Day 2 of fictional private utility company Vulnerable Electric’s ransomware crisis comes the need to grasp the extent of its situation. The cyber incident response team’s synchronized efforts are pivotal as time is of the essence.
-
ArticleCW case study offers 360-degree view of ransomware attack
Learn through the eyes of the C-suite at Vulnerable Electric, a fictional private utility company impacted by a significant ransomware attack, as part of Compliance Week’s third case study.
-
PremiumChapter 1, Part 1: Betsy’s human error triggers ransomware crisis
When one of fictional private utility company Vulnerable Electric’s most dedicated employees falls victim to a social engineering hack, her actions in the immediate aftermath are crucial to what will soon become a crisis for the C-suite.
-
PremiumChapter 1, Part 2: All hands on deck in C-suite ransomware response
Following the events that triggered a double extortion ransomware attack, the CEO of fictional private utility company Vulnerable Electric mobilizes her cyber incident response team to begin assessing the path forward to dealing with the cybercriminal(s).