cyber risk assessment
September 16, 2019 Norman D. Marks, CPA, CRMA Backup and Disaster Planning, Business and Legal Issues, IT, Privacy and Security, Leadership and Management, Mobile Device Management, Network, Systems and Data Security, Sales, Marketing and Operations, Systems and Data Management,
It is not sufficient to say that cyber risk is high, medium, or low. The leaders of the organization need to be able to figure out what is the right level of resources to allocate to cyber defense and response; what is the right level of attention at board and executive committee level; and what should be communicated to shareholders and others.
cyber defence, cyber risk assessment, cyber risk management
August 12, 2019 Norman D. Marks, CPA, CRMA Backup and Disaster Planning, Business and Legal Issues, IT, Privacy and Security, Leadership and Management, Network, Systems and Data Security,
The experts continue to bombard us with their advice, insight, and guidance for addressing cyber.
cyber, cyber exposure, cyber risk, cyber risk assessment, cyber risk management
April 1, 2019 Norman D. Marks, CPA, CRMA Accounting Systems and Controls, Backup and Disaster Planning, Business and Legal Issues, Finance and Accounting, IT, Privacy and Security, Leadership and Management,
Vince Dasta of Protiviti makes a good point (pun intended – as will be explained shortly) in Cyber Risk Assessment: Moving Past the “Heat Map Trap”.
cyber risk, cyber risk assessment, Cybersecurity, risk assessment
January 21, 2019 Norman D. Marks, CPA, CRMA Accounting Systems and Controls, Backup and Disaster Planning, Business and Legal Issues, Competition, Finance and Accounting, Fraud and Corruption, IT, Privacy and Security, Leadership and Management, Network, Systems and Data Security, Sales, Marketing and Operations,
Success in business is taking the right level of the right risks. It all comes down to helping leaders make informed and intelligent decisions.
Anti-money laundering, cyber prevention, cyber risk, cyber risk assessment, risk, risk management
November 26, 2018 Norman D. Marks, CPA, CRMA Backup and Disaster Planning, Business and Legal Issues, Corporate Governance, Cyberlaw, Internet Law, Finance and Accounting, Fraud and Corruption, IT, Privacy and Security, Mobile Device Management, Network, Systems and Data Security,
The National Cyber Security Center (NCSC) is a part of the UK’s Government Communications Headquarters (GCHQ). If you are like me, you may have only heard about GCHQ in an unflattering context, that of working with US intelligence agencies to spy on foreign heads of state and hack foreign agencies.
cyber risk, cyber risk assessment, cyber security
September 5, 2018 Norman D. Marks, CPA, CRMA Backup and Disaster Planning, Business and Legal Issues, Corporate Governance, Cyberlaw, Internet Law, Finance and Accounting, Financial Compliance / Planning / Management, IT, Privacy and Security, Mobile Device Management, Network, Systems and Data Security, Privacy Compliance and Management
IS ROI on cyber really as high as it may seem at first glance? At some point, it may be better to consider cyber risk as a “cost of doing business”. If you can’t actually reduce the likelihood of a breach, can you at least increase the likelihood of prompt detection and response?
cyber attack, cyber breach, cyber incident response plans, cyber risk assessment, cyber threat, Cybersecurity, information security
June 6, 2018 Norman D. Marks, CPA, CRMA Backup and Disaster Planning, Business and Legal Issues, Competition, Corporate Administration, Fraud and Corruption, IT, Privacy and Security, Leadership and Management, Mobile Device Management, Network, Systems and Data Security
Should we give up auditing information security and the management of cyber risk? Not at all. But we should do so with eyes wide open. We should recognize the limitations of our knowledge, tools and techniques and the likelihood that hackers have new techniques that are unknown both to auditors and management.
Breaches due to malware or spyware, cyber, cyber attack, cyber risk assessment, cyber security, cyber threat, cybersecurity risks, IT Audit, IT auditing, IT risk assessment, malware
January 13, 2016 Occasional Contributors Backup and Disaster Planning, Budgeting and Auditing, Business and Legal Issues, Corporate Governance, Cyberlaw, Internet Law, E-Commerce, Finance and Accounting, IT, Privacy and Security, Mobile Device Management, Network, Systems and Data Security, Privacy Compliance and Management, Sales, Marketing and Operations, Social Media/Social Networking, Systems and Data Management, Web design and Management
Deloitte has published good work. One of my favorites is their risk-intelligent white paper series. Recently, they released Cybersecurity and the role of internal audit. It has both superior and inferior advice. Let me walk through it.
cyber risk assessment, cyber risk management, cyberattacks, Cybersecurity, Deloitte, information technology, internal audit, multiyear cybersecurity internal audit plan, Norman D. Marks, risk assessment, risk-intelligent white paper series
