First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

cyber-attacks

Three cybersecurity trends driving the Bank of Canada’s call for cybersecurity to be treated as a ‘public good’

As the level and sophistication of cyber-attacks continue to grow, there will be a mounting pressure on regulators to continue to develop coordinated, meaningful, mandatory minimum standards that are enforceable against all financial institutions and FMIs as well as their service providers.

 

, , , , , ,

How much cyber risk should an organization take?

I did a video with Joe McCafferty of MISTI last month. I am interested in whether you share my views. I also have some questions for you—after you watch the video.

 

, , , , , , , ,

Cybersecurity: CSA issues new guidance

Cybersecurity is top of mind for corporate boards and securities regulators alike. On September 27, 2016, the Canadian Securities Administrators (CSA) issued CSA Staff Notice 11-332 – Cyber Security (2016 Notice). The 2016 Notice updates the CSA’s previous notice on the same topic, CSA Staff Notice 11-326 Cyber Security for reporting issuers, registrants and regulated entities.

 

, , , , , ,

IP address as personal information: Canadian and EU positions

The Office of the Privacy Commissioner’s findings do not mean that consent to the collection of an IP address is always required. There may be a number of legitimate reasons for collecting this information, including those relating to security of the site. These reasons would not necessarily extend, however, to collection and use of IP addresses for advertising purposes without some form of consent.

 

, , , , , , , , ,

Cyber risk insurance: Driving the risk management process

Insurers and other insurance professionals have traditionally been well positioned to drive improvements in risk management processes. Cyber-security risk is a modern phenomenon which has arisen in the electronic information and internet age, and the insurance industry is demonstrating that it can play a key role both in educating and equipping public and private sector organisations to manage this emerging risk, and in providing insurance protection.

 

, , , , , , , ,

Risk management in a digital world – Addressing cyber-security threats at the board level

The role of the Board of Directors has necessarily adapted to include an increased focus on risk management. In our digital world, cyber-attacks are now a pervasive risk and the perceived lack of board oversight has garnered scrutiny by consumers, regulators, legislators, litigants and the media.

 

, , , , , , , , , , , , , , , , ,