First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

hackers

Cyber risk and audit

Clearly, cyber risk and audit is the topic of the day, if not the year and decade. The leader of Protiviti’s IT audit practice, David Brand, has weighed in with “Ten Cybersecurity Action Items for CAEs and Internal Audit Departments”. He has some valuable ideas that merit consideration, not only by internal auditors, but by security professionals, boards, risk officers, and more broadly among the executive group. I will let you read his post and suggested action items.

 

, , , , , , , ,

Some legal pitfalls of security breaches to your company’s electronic data

The recent loss of a Canadian government hard drive containing personal information of receivers of student loans and the ensuing class action lawsuit are a stark reminder of how easy it is to be exposed to the pitfalls of data security breaches.

 

, , , , , , , , , , , , , , , , , , , , , ,

Protecting sensitive data against the insider threat with data masking

With an overabundance of information being stored or created in electronic format, and various tools for turning data (i.e., personally identifiable information, intellectual property, credit card) into cash, goods, and other services, the risks of doing business have increased. We are hearing more and more about attacks where the target is sensitive data, and the perpetrators are those with elevated levels of trust and access within the business.

 

, , , , , , , , , , , , , , , , , , , , , , ,

Online security – not just for big business

Surely you’ve heard about the major security and data breaches that Sony has experienced this year. It’s bad. It’s a liability. Despite the popularity of their online services, they’ll have to work hard to regain customers’ loyalty. Other big names have experienced similar attacks.

 

, , , , , , , , , , , , , , , , , , ,