Network, Systems and Data Security
February 14, 2020 McCarthy Tétrault LLP Accounting Systems and Controls, Corporate Governance, Finance and Accounting, IT, Privacy and Security, Network, Systems and Data Security, Privacy Compliance and Management,
On January 31, 2020, the Advisory Committee on Open Banking (the “Committee”) issued its first report (the “Report”) in connection with the Department of Finance Canada’s (“Finance Canada”) consultation process on open banking.
Cybersecurity, financial stability, open banking, privacy, security risks
January 17, 2020 McCarthy Tétrault LLP Business and Legal Issues, IT, Privacy and Security, Leadership and Management, Network, Systems and Data Security, Privacy Compliance and Management,
In November 2019, the Investment Industry Regulatory Organization of Canada released new mandatory reporting requirements for cybersecurity incidents, per IIROC Notice 19-0194. What are the new requirements?
Cybersecurity, IIROC, Privacy laws, reporting cyber incidents, Reporting requirements, risk assessment, risk of harm
January 13, 2020 Norman D. Marks, CPA, CRMA Backup and Disaster Planning, Business and Legal Issues, Finance and Accounting, IT, Privacy and Security, Leadership and Management, Network, Systems and Data Security,
You may be surprised to hear that the average cost of a data breach is just $3.9 million. That sounds far different than indicated by the alarm bells screaming at you from all sides.
breach detection, cyber breach, Cybersecurity, enterprise risk management, technology risk
December 23, 2019 Norman D. Marks, CPA, CRMA Backup and Disaster Planning, Budgeting and Auditing, Business and Legal Issues, Competition, Corporate Administration, Finance and Accounting, Fraud and Corruption, IT, Privacy and Security, Leadership and Management, Network, Systems and Data Security, Sales, Marketing and Operations,
If you want to know how effective risk management is, you should ask the customer and not the provider.
business impact analysis, cybersecurity risks, Enterpri, risk management, risk to objectives
December 17, 2019 Occasional Contributors Backup and Disaster Planning, Business and Legal Issues, Corporate Governance, E-Commerce, Finance and Accounting, Fraud and Corruption, IT, Privacy and Security, Leadership and Management, Network, Systems and Data Security, Privacy Compliance and Management, Sales, Marketing and Operations,
This year has seen a number of interesting developments in Canadian cyber security. While the first wave of data breach cases slowly work their way through the court system, guidance for Canadian businesses has come from many other sources, including the federal government and regulators.
cyber, cyber in, cybersecurity risks, Data breach, Digital Charter, Personal Information Protection and Electronic Documents Act
December 4, 2019 Apolone Gentles, JD, CPA,CGA, FCCA, Bsc (Hons) Accounting Systems and Controls, Backup and Disaster Planning, Board of Directors, Process and Responsibilities, Business and Legal Issues, Charities, Cyberlaw, Internet Law, E-Commerce, Fraud and Corruption, IT, Privacy and Security, Leadership and Management, Mobile Device Management, Network, Systems and Data Security, Not for Profit, Privacy Compliance and Management, Social Media/Social Networking, Systems and Data Management,
Not-for-profits have numerous opportunities to leverage information technology (IT), from social media to cloud computing and beyond.
Baseline security controls, cloud computing, CyberSecure, CyberSecure Canada, Cybersecurity, passphrases, passwords, phishing, SOC 3
December 2, 2019 Norman D. Marks, CPA, CRMA Backup and Disaster Planning, Business and Legal Issues, Cyberlaw, Internet Law, IT, Privacy and Security, Leadership and Management, Network, Systems and Data Security, Privacy Compliance and Management, Sales, Marketing and Operations, Systems and Data Management,
A couple of recent pieces shed some light, some amazing light, on how cyber-related risk is perceived by executives and the board.
cyber, cyber risk, cyber security, Cyber threats, enterprise risk-based approach, risk management, risk-based approach to cybersecurity
November 25, 2019 Norman D. Marks, CPA, CRMA Accounting Systems and Controls, Backup and Disaster Planning, Business and Legal Issues, Corporate Governance, E-Commerce, Finance and Accounting, Fraud and Corruption, IT, Privacy and Security, Leadership and Management, Network, Systems and Data Security, Sales, Marketing and Operations,
Only when the business impact is understood does it make sense to get into the details of which risks to which information assets should be mitigated and how.
cyber breach, cyber risk assessment, mitigating risk, risk assessments, risk evaluation, risk heat maps, risk to objectives
November 4, 2019 Norman D. Marks, CPA, CRMA Backup and Disaster Planning, Budgeting and Auditing, Business and Legal Issues, Corporate Administration, Corporate Governance, E-Commerce, Finance and Accounting, Fraud and Corruption, IT, Privacy and Security, Leadership and Management, Mobile Device Management, Network, Systems and Data Security, Privacy Compliance and Management, Sales, Marketing and Operations, Systems and Data Management,
There’s another useful article on Forbes. How to talk to the board about cybersecurity is written by an experienced CIO, John Matthews. Here are some useful excerpts with my highlights:
breach notification, breach prevention, cyber risk, cyber security, Cybersecurity, cybersecurity risks, risk management policy, risk of a breach, risk of data breaches
October 1, 2019 Norman D. Marks, CPA, CRMA Backup and Disaster Planning, Budgeting and Auditing, Business and Legal Issues, Corporate Governance, E-Commerce, Finance and Accounting, IT, Privacy and Security, Leadership and Management, Network, Systems and Data Security, Sales, Marketing and Operations,
There’s an interesting article in the Harvard Law School Forum on Corporate Governance and Financial Regulation. What the Capital One Hack Means for Boards of Directors has some interesting insights that merit the attention of risk, cyber, audit, and governance practitioners.
corporate governance, cyber attack, cyber defence, cyber prevention, cyber risk, cybercrime, Cybersecurity, digital interconnectivity, financial regulation, risk management
September 27, 2019 McCarthy Tétrault LLP Accounting Systems and Controls, Business and Legal Issues, Corporate Governance, Cyberlaw, Internet Law, E-Commerce, Finance and Accounting, Financial Compliance / Planning / Management, Fraud and Corruption, IT, Privacy and Security, Network, Systems and Data Security, Privacy Compliance and Management, Records Management and Retention,
FATF issues guidance on virtual assets
Anti-money laundering, FATF, Financial Action Task Forc, Internal Controls, virtual assests, virtual currency
September 16, 2019 Norman D. Marks, CPA, CRMA Backup and Disaster Planning, Business and Legal Issues, IT, Privacy and Security, Leadership and Management, Mobile Device Management, Network, Systems and Data Security, Sales, Marketing and Operations, Systems and Data Management,
It is not sufficient to say that cyber risk is high, medium, or low. The leaders of the organization need to be able to figure out what is the right level of resources to allocate to cyber defense and response; what is the right level of attention at board and executive committee level; and what should be communicated to shareholders and others.
cyber defence, cyber risk assessment, cyber risk management
September 13, 2019 McCarthy Tétrault LLP Accounting Systems and Controls, Business and Legal Issues, Finance and Accounting, Fraud and Corruption, IT, Privacy and Security, Network, Systems and Data Security, Privacy Compliance and Management, Records Management and Retention,
On July 10, 2019, final amending regulations were issued amending each of the existing regulations under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act.
cross-border currency transfers, electronic funds transfers, foreign money services businesses, money laundering, prepaid cards, Proceeds of Crime (Money Laundering) and Terrorist Financing Act, virtual currency
September 4, 2019 Apolone Gentles, JD, CPA,CGA, FCCA, Bsc (Hons) Business and Legal Issues, IT, Privacy and Security, Mobile Device Management, Network, Systems and Data Security, Privacy Compliance and Management, Software Acquisition, Implementation and Maintenance, Systems Acquisition, Maintenance and Disposal, Uncategorized,
Organizations often make the mistake of considering the disposal of hardware only when they are ready to discard equipment, if at all. Instead, they should plan for hardware disposal throughout the entire systems development lifecycle, from acquisition and testing through to operations.
Apolone Gentles JD CPA CGA, COBIT 2019, degaussing, disposal of hardware, hardware disposal, Internet of Things, IoT, IT asset disposal, ITAD, managed assets - BAI09.03 Manage the asset life cycle, National Institute of Standards and Technology, NIST, sanitization, Special Publication 800-88 Revision 1
August 12, 2019 Norman D. Marks, CPA, CRMA Backup and Disaster Planning, Business and Legal Issues, IT, Privacy and Security, Leadership and Management, Network, Systems and Data Security,
The experts continue to bombard us with their advice, insight, and guidance for addressing cyber.
cyber, cyber exposure, cyber risk, cyber risk assessment, cyber risk management
