Insight Search Search Submit Sort by: Relevance Date Search Sort by RelevanceDate Order AscDesc Newsletter May 10, 2022 SIFMA Quantum Dawn VI A Decade of Testing and Resilience Over the past 10 years, the Securities Industry and Financial Markets Association (SIFMA) has coordinated a series of industrywide resilience exercises known as Quantum Dawn. These exercises provide a forum for financial firms, regulatory bodies, central banks, law enforcement, government agencies, trade associations and information-sharing organisations to… Whitepaper June 1, 2022 How can an enterprise use access management to establish a Zero Trust environment? A hybrid RBAC, ABAC and PBAC framework is the best practice approach A strong access management programme is foundational to establishing a Zero Trust environment by using contextual information to continuously validate that users are who they say they are and by restricting user access to necessary resources only. Within the Zero Trust framework, identity governance and risk-based… Newsletter November 6, 2019 LA SFIDA DELLA QUANTIFICAZIONE DEL RISCHIO CYBER Cambiano scenari e modelli, “incursori” e attori della protezione e non sempre l’approccio a silos basato sui controlli (regolamentarie non) e sulla sicurezza operativa riesce a precedere nuovi fenomeni. Se il cyber risk è fra le prime preoccupazioni per le aziende europee (italiane comprese) come indica il report “Regional Risk for Doing Business 2019” diffuso dal World Economic… Whitepaper February 21, 2023 ISO 27001: 2022 - Key Changes and Approaches to Transition This article will address the changes and updates to ISO 27001 standard published on October 25, 2022, and the approaches organisations can take to implement the changes introduced. There have been significant advancements in technology, as well as an increase in the complexity of security threats since the last iteration of ISO 27001 was published on September 25, 2013. The changes introduced in… Flash Report May 14, 2021 President Biden executive order to strengthen U.S. Cybersecurity will impact federal agencies and public and private sector organisations On May 12, President Joe Biden issued the Executive Order on Improving the Nation’s Cybersecurity. This executive order (EO) is the most recent action by the administration to strengthen U.S. national cyber defenses and address cybersecurity threats and attacks that continue to grow in magnitude, impact and frequency. It is intended to protect networks in the federal, public and private… Newsletter February 12, 2021 Implementing Operational Resilience Across the Organisation: An Essential Checklist Like any enterprisewide organisational change, implementing an operational resilience programme across an organisation requires a careful and collaborative effort to be successful. Whether implementation has been in the works for several years or is just beginning, turning the resilience programme from concept to reality is hard work. Except for the most dynamic and change-… Flash Report December 18, 2020 SolarWinds Vulnerability Update – Indicators of Compromise and Recommended Actions The news of the cyber attacks being experienced by government agencies and an expanding list of organisations continues to grow and change on almost an hourly basis. This is proving to be potentially one of the most significant cyber breaches in recent times. Following up on our December 14, 2020, Flash Report on the CISA advisory, and in response to numerous questions and inquiries we… Flash Report December 14, 2020 CISA Issues Emergency Directive to Mitigate SolarWinds Orion Code Compromise On December 13, 2020, the Cybersecurity & Infrastructure Security Agency (CISA) issued an emergency directive detailing required action for federal agencies to mitigate the threat of the recently discovered compromise involving SolarWinds® Orion® Network Management products that are currently being exploited by malicious actors. (Read the SolarWinds Security… Client Story June 16, 2023 Leading Biotechnology Company Enhances AWS Environment Security and Risk Control A leading biotechnology company that develops life-transforming medicines has worked for decades to improve the lives of those who rely on their work. But recently, they found themselves in need of assistance to enhance the security of their AWS environment. Client Story June 16, 2023 Blockchain/Web3 Startup Blocks Gaps and Improves AWS Security Posture A blockchain/web3 startup engaged Protiviti to review their AWS environment. While getting the product to market as fast as possible was a primary goal for the client, security was an afterthought in many scenarios. To address this need and prevent a potential catastrophic security event, the client wanted a quick and consistent way to understand where their security gaps were and how they could… Load More
