Cybersecurity Governance News – 2/19/16

Feb 19, 2016

Turning cybersecurity theory into practice is a challenge in both government and business. Overconfidence in partially implemented plans can lead to ransomware demands and data breaches, putting CEOs and boards at risk of litigation.

Board Engagement in Cyber Risk Management

NACD BoardVision, Feb. 4
NACD Director of Strategic Content Development Robyn Bew sits down with Scott Laliberte, managing director at Protiviti, to discuss how best to ensure your board is properly engaged.

Is the Government Using Its Own Cybersecurity Standards?

Cybergovernance Journal, Feb. 15
Breaches are almost always traced to a human failing rather than faulty technology or a bad implementation. Putting the right threat protection technology in place is an absolute necessity, but a strong case can be made for focusing on the organization first and then on the technology measures.

Study Reveals That U.S. IT Pros are Overconfident in Cyberattack Detection

Canadian Underwriter, Feb. 12
Respondents to the study displayed “high levels” of confidence in their ability to detect a data breach, yet when asked how long it would take automated tools to detect unauthorized configuration changes to an endpoint on their organizations’ networks, 67% only had a general idea, were unsure, or did not use automated tools.

Hackers Are Holding an LA Hospital’s Computers Hostage

WIRED, Feb. 11
Symantec recently pegged the total amount of ransomware paid out in any given year at $5 million. This single incident asks for well over half that amount. In the past, ransomware could only lock down a target’s keyboard and computer; now, hackers can encrypt an infected system’s files with a private key known only to the attacker.

The Cyber Threat Risk – Oversight Guidance for CEOs and Boards

LogRhythm White Paper
As cyber criminals step up their game, government regulators get more involved, litigators and courts wade in deeper, and the public learns more about cyber risks, corporate leaders will have to step up accordingly.

A Universal Model for Assessing Cyber Risk

LinkedIn Pulse, Feb. 17
“Cyber coverage falls into two categories: (1) forms that offer coverage for first-party risks, such as cybercrime, viruses and system malfunctions; and (2) forms that insure against third-party risks, such as data breach claims and claims for the infection of outside systems.” Now a third form is needed to address personal liability incurred by corporate directors in governing cybersecurity.
