Cybersecurity Governance News – 3/4/16

by | Mar 4, 2016

The technological elements of cybersecurity remain the easiest to regulate and build. The human elements, on the other hand, require changes that many companies are too slow in adopting.

Firms Expect Greater Government Cybersecurity Oversight

CSO, Mar. 1
A surprising 90% of corporate board members said that regulators should hold businesses liable for breaches if they were negligent with customer data or failed to have reasonable security in place.

Read Article

HHS Issues “Crosswalk” Between HIPAA and NIST Cyber Standards

DHHS Office for Civil Rights, Feb. 2016
Organizations that have already aligned their security programs to either the NIST Cybersecurity Framework or the HIPAA Security Rule may find this crosswalk helpful as a starting place to identify potential gaps in their programs. Addressing these gaps can bolster their compliance with the Security Rule…

Read Article

Last Year’s IRS Hack Was Way Worse Than We Realized

WIRED, Feb. 26
The initial IRS report indicated that 114,000 accounts had been compromised. It revised that number last August, raising it to 334,000. On Friday, the IRS added another 390,000 accounts to the pile, for a total of well over 700,000 people…

Read Article

The Weakest Link Will Always Be the Human Element

GovTech, Mar. 1
The weakest link will always be the human element. However, there are many new interesting technologies that could significantly impact cybersecurity in the near future…

Read Article

C Suite Insights on Cybersecurity

Security Intelligence, Feb 17
54% acknowledged risks from organized crime groups. However, many tend to overemphasize the risks from opportunistic rogue actors and discount the dangers from other sources such as industry spies, domestic and foreign governments and inside personnel…

Read Article

Survey Reveals Cybersecurity Education & Training Gaps Among Boards, C-Level Executives

BusinessWire, Feb. 25
According to the survey, nearly one third of executives reported experiencing three or more cyberattacks on their company in 2015. Thirty-five% of respondents either do not know or are not sure what legally constitutes a data breach in their state, and nine percent of executives report that they are never briefed on cybersecurity matters.

Read Article

Subscribe
Be notified of new Journal entries in your email box or Follow us on Twitter.