Authorities on Risk Assurance

The Shared Assessments Blog

Viewing Category: Cyber Risk

Comments Invited on Federal Banking Agency Enhanced Cyber Risk Management Standards

Published on October 19, 2016 By | Posted in: Cyber Risk, Data, Data Protection, OCC, Third Party Risk, Third Party Risk Management

The three federal banking regulatory agencies, the Federal Reserve Board, the Federal Deposit Insurance Corporation, and the Office of the Comptroller of the Currency, announced an advance notice of proposed rulemaking (ANPR) regarding enhanced cyber risk management standards for large and interconnected entities under their supervision, as well as those entities’ service providers. The standards […]

APTs: The Newer, Smarter, and Actually Successful Wile E. Coyote

Published on January 15, 2016 By | Posted in: Advanced Persistent Threats, APT, Cyber Attacks, Cyber Crime, Cyber Risk, Cybersecurity

Remember the old Looney Tunes cartoons where Wile E. Coyote nearly destroys himself in attempt after fruitless attempt to capture the Road Runner? The Road Runner seems to have a sixth sense when a trap is sprung across his path and always escapes unscathed. Well, when it comes to cyber attacks, threat actors are far […]

Do Certain Companies Need A Security Committee?

Published on October 14, 2015 By | Posted in: Board of Directors, Cyber Risk, Cybersecurity, Security Committee

The Santa Fe Group, Chairman and CEO Catherine A. Allen, joins TK Kerstetter, host of “Inside America’s Boardrooms,” to discuss… Do Certain Companies Need A Security Committee? Episode Summary It makes sense that certain industries might get more attention with respect to the sensitivity of their data or their cyber risk impact on national security. […]

Know Your Enemy: The New Economics of Cyber-Crime

Published on August 17, 2015 By | Posted in: Cyber Crime, Cyber Risk, Cybersecurity

According to Paul Kocher, one of the leading U.S. cryptography experts, there has been a 10,000-fold increase in the number of new digital security threats in the last twelve years.1 So if you’ve been thinking there are a lot more data breaches in the news lately, you’re right. Twelve years ago, a significant percentage of […]

Cyber Insecurity In Our New World of IoT

Published on July 13, 2015 By | Posted in: Big Data, Cyber Risk, Data, Internet of Things (IoT), Privacy, Security

I recently attended the Executive Women’s Forum Summit, in New York City, on Unintended Consequences: Internet of Things (IoT) and Big Data which enabled a strategic dialog for information security, risk and privacy professionals navigating today’s changing digital landscape. In this two part blog series, I’d like to start a discussion on how both Big […]

The Next Generation of Third Party Risk

Published on May 26, 2015 By | Posted in: Cyber Risk, Cybersecurity, Risk, Risk Management

As a follow up to the 8th annual Shared Assessments Summit, the themes of governance continued to focus on third party risk, when I conducted a webinar hosted by the New York Stock Exchange (NYSE) Governance services and sponsored by Prevalent. The focus on third party risk has shifted from a line manager to the […]

Putting Reputational Risk in Perspective in a VUCA World

Published on May 5, 2015 By | Posted in: Cyber Risk, Cybersecurity, Risk Management, Self-Assessment, Shared Assessments Summit

Each year there is an annual Summit for third party risk professionals to network, train, and learn from each other and discuss with regulators how to manage third party risk and protect their company’s brand and assets. This year, the Shared Assessments Summit 2015 was held in Baltimore, MD. Being in Baltimore for the entire […]

Is There Something “Phishy” in the Water?

Published on May 4, 2015 By | Posted in: Cyber Risk, Cybersecurity, Phishing

Today’s cyber threat is a continually evolving landscape. Email phishing has moved from a poor grammar and a phony URL link email to a sophisticated targeted attack mode process. Cyber criminals are researching organization, often targeting individuals with access to the most sensitive system or information by obtaining company specific details such as: Organizational charts […]

The Cybersecurity Panic Room

Published on April 21, 2015 By | Posted in: Cyber Risk, Cybersecurity, Data Breach

The concept of a panic room is a fortified room in place in a private home or business to provide refuge or hiding from a home or business intrusion. Panic rooms tend to contain technology to contact law enforcement or medical resources, and resources to sustain basic resource needs until help arrives. While panic rooms […]

No Playing Hide and Seek With Cyber Security

Published on November 17, 2014 By | Posted in: Cyber Risk, Cybersecurity, Risk, Risk Management

The FFIEC recently released its Cyber Security Assessment observations, after conducting a pilot on cyber security readiness with more than 500 community institutions. A key theme emerging from the observations was the need for enhanced sharing of threat and vulnerability information across the public and private sectors. The rapid pace of change in emerging risks […]

Shared Assessments Logo Deluxe Corp
Shared Assessments Logo Ernst & Young
Shared Assessments Logo Iron Mountain
Shared Assessments Logo dtcc
Shared Assessments Logo radian
Shared Assessments Licensee ControlCase
Shared Assessments Logo pwc
Shared Assessments Licensee Rsam
Shared Assessments Logo Bank Of New York Mellon
Shared Assessments Program licensee Churchill & Harriman logo
Shared Assessments Logo usbank
Shared Assessments Licensee TD Ameritrade
Shared Assessments Licensee Bank of the West
Shared Assessments Licensee Lockpath
Shared Assessments Logo first data
Shared Assessments Logo Deloitte
Shared Assessments Licensee Pivot Point Security
Shared Assessments Licensee Protiviti
MetricStream logo
Shared Assessments Licensee ZS logo
Viewpoint Logo
Shared Assessments Licensee Power Advocate
Shared Assessments Logo sei