Upholding compliance requires an organization-wide effort. In today’s digital landscape, there is no short supply of risks that organizations must be aware of in order to maintain compliance and avoid potential penalties or breaches. To help build awareness and mitigate harm, let’s explore the 7 common risks that hinder compliance efforts.
As organizations operationalize the latest SEC cyber event reporting obligations, the time is ripe to discuss not only how cyber events are reported, but who owns cyber risk, and how collaboration can reduce organizational risk.
Hello experts! In the first episode of On Your Radar, Judy sat down with privacy and compliance thought leader Jodi Daniels to talk about what she expects from regulations in 2024 and what technology trends organizations should keep an eye on to maintain compliance in the new year.
Effective November 1, 2023, the Part 500 amendment to the NYDFS Cybersecurity Regulation (23 NYCRR 500) is a new set of cybersecurity requirements for all covered financial institutions. The NYDFS bolsters cybersecurity requirements through a series of changes that address both the advancements of the cybersecurity threat landscape as well as increased opportunities for organizations to protect themselves.
LinkedIn’s Chief Privacy Officer, and RadarFirst Board of Directors member, Kalinda Raina, joined us in a recent session of The Privacy Collective, Teachable Moments: Children’s Privacy Policies. In this session, we discussed privacy and compliance alignment to gain lessons from children’s privacy regulation and discuss how organizations can build resilient privacy policies to protect people of all ages.
To better understand what the SEC disclosure rules and the announced amendments mean for organizations, C-suite executives, and Board-level stakeholders, RadarFirst CEO Don India met with privacy, cyber, and risk experts to investigate why the SEC amendments make cybersecurity disclosure a Board-level issue.
It’s easy to denounce silos and promote collaboration, but how does an organization actually go about enabling communication, compliance, and coordinated action across and between departments? Read more from Judy Titera, Independent Director, Consultant (former Chief Privacy Officer at USAA).
To accurately identify, mitigate, and reduce risks across an organization—be they electronic or paper, malicious or non-malicious—key departments must share the burden of privacy incident response and privacy by design. Collaboration is key, as privacy, security, legal, and product teams effectively work together.
When it comes to managing risk, CISOs must know what threatens the privacy and security of their organization’s sensitive data. That means having the ability to identify and measure all the risks lurking throughout the enterprise—no easy feat. Read more on successfully measuring and managing privacy risks in this blog.
Privacy and security may have different terminology and short-term objectives, but their overarching mission is the same: to protect the organization and its stakeholders. With proactive relationship-building, ongoing communication to build awareness, and with integration to enable an efficient, collaborative workflow, both teams can achieve their individual and overarching goals better than either would alone.
