Everyone is talking about compliance and fines when it comes to an organization’s data. Fines must not be the driving factor to take control of your data. It must start with Trust.
The attack on the Colonial Pipeline was one of the most major hacks in the history of critical infrastructure. But, this was not a hack on Colonial Pipeline’s IT, but their Operational Technology. The pipeline, which normally carries 2.5m barrels a day, is digital in terms of its operations.
Schrems II and International Data Transfers: The Journey to a new Privacy Shield and Who Is Leading the Way
Companies are still feeling the impact of the European Court of Justice decision last July that torpedoed the Privacy Shield, raising huge question marks about the future of international data transfers between the EU and US.
Recent research by Tessian found that a higher proportion of young men were likely to consider a career in cyber security than young women.
Environmental, Social, and Corporate Governance: Why a Privacy-Focused Company is a Sustainability-Focused Company
Holding less data means less storage, less power usage and this is better for the environment. In short, be lean with data, less power, more profit, better for the environment.
South Africa’s Protection of Personal Information Act (POPIA) comes into enforcement from 1st July 2021.
During this session Ciaran will discuss the developments of secure technologies both now and in the future.
Data breaches via third parties are a growing problem for GDPR compliance.
Security cannot be done in a silo. The extent and nature of data shared across line of business functions both internally and externally fuels instances of system and organizational vulnerabilities.
Zero trust can deliver greater security, less demanding workloads, reduced IT complexity and can be used to improve data protection and user experience.
Digital technology is transforming the way businesses operate around the world and data has never been able to be shared so quickly and easily in real time. However, the General Data Protection Regulation requires data usage to be lawful, fair and transparent, with strict requirements to minimise and limit the purpose of data.
How to Prevent Credential Stuffing Attacks While Managing Risk and Trust - Sponsored by CyberSixgill
Credential stuffing is a brute force attack that can be low-risk, high-reward for cyber criminals. This panel will debate the defence techniques that can be used to guard against this threat.
From employees accidentally clicking on malicious links, to sabotage, theft of data and unauthorised access, companies have plenty of potential insider cyber security threats to consider.
The Biden Presidency – less than six months old – has been a surprise to many who expected that the vicissitudes of the past four years and the challenges of the pandemic would lead to a period of stability over change. Instead, President Biden seems to have decided to take a different approach, pushing forward with far-reaching economic policies such as the extensive COVID-19 relief act. As some have suggested, if Biden campaigned as a moderate, he appears eager to govern as a radical.
Regulatory Technology (RegTech) for the FinCrime space is now a multi-billion-dollar global industry, and is being promoted by leading regulators as an important new weapon in compliance and risk management.
In a recent report, the City of London Corporation has argued that the financial services sector needs to leverage new regulatory technologies (RegTech) to meet their obligations and fight financial crime. The report follows a succession of other statements from leading regulators in the US, Europe and Asia-Pacific, all making similar points.
In the last few years, financial services providers and Regulatory Technology (RegTech) firms have talked a great deal about the deployment of new data-driven technologies, usually with a focus on automation and supervised machine learning to core compliance tasks such as sanctions screening and transaction monitoring.
The problem of fragmentation affects the world of FinCrime in many ways. Within compliance and risk management functions, the past isolation of AML, fraud and sanctions teams has led to key risks falling between the institutional gaps – a problem exacerbated when the teams use different platforms and data streams.
The social restrictions of the COVID-19 pandemic have been a major impediment to financial criminals, who rely on easy access to the financial system to move dirty money.
Most public attention on the private sector’s efforts against FinCrime is devoted to the role of financial institutions, and in particular, banks. This is quite logical, given the centrality of their roles as the gatekeepers of the financial system, and the parts they have unwittingly played in moving illicit funds around the global economy.
For most of the last decade, regulators have encouraged financial institutions to instil a positive compliance culture amongst staff to help ensure that they meet their FinCrime obligations. ‘Tone from the top’ is a phrase that has often been invoked to emphasise the need for business leaders to lead the way for their teams in this.
Many key players in the FinCrime world have been seeking to define the term ‘effectiveness’. Following the lead of the global standard setters, the Financial Action Task Force (FATF), most regulators have sought to assess the issue through subjective evaluations of ‘how well’ businesses meet their compliance obligations.
Leading international law enforcement agencies such as Europol tell us that corruption has become one of the most vital enablers of serious organised crime and financial criminality – and a problem that touches not only so-called ‘high risk’ emerging markets, but developed societies too.
Critics often complain that the compliance profession is something of a closed-shop for white, middle-class men who have worked for decades in the financial services sector, and dominate the top tiers of senior management in the field.