cyber event reporting Archives - Page 2 of 2

DORA Compliance and Third-Party Risk Assessment

As the digital threat landscape evolves, no risk exists in a vacuum. With the increased reliance on third-party vendors, the risks organizations face from cyber threats can have impacts extending beyond the company, posing potential harm to consumers and even entire economies. To mitigate the fallout of cyber threats that arise through third-party vendors, the Digital Operational Resilience Act (DORA) is a pivotal regulation that aims to enhance information and communication technology (ICT) risk management and cybersecurity reporting through stringent oversight of third-party vendors.

CSIN Incident Response Planning

As new regulations aim at consumer and investor protections, the increased scrutiny of risk management, incident response, and business continuity planning is now a Board-level issue, and cyber event reporting and risk mitigation are crucial concerns for boards of directors across industries. How you plan to communicate risks during incident response is integral to compliant decision-making and escalation processes for CSIN reporting.

After the Incident: Navigating Notification Obligations

Imagine this: Your financial services organization handles sensitive customer information and falls victim to a ransomware attack. An employee clicks on a phishing email, triggering a series of events that compromise your systems. You make a ransom payment to regain access, only to discover that personal customer data was stolen. Now, you face a maze of notification requirements.

New Solution: Acceleration Packs for Radar® Compliance

Acceleration Packs are the first step in defining organizational risk matrices for cyber event risk assessment and reporting. These regulation-specific guides are a shortcut to creating internal processes for risk assessment, triage, escalation, and reporting within one platform, Radar® Compliance.

Reporting for Computer-Security Incident Notifications (CSIN) Obligations

The CSIN rule requires banks to notify the OCC as soon as possible and no later than 36 hours after determining that a computer security incident has occurred. Continue reading to learn more about CSIN reporting.

SEC Cracks Down on Misleading Cybersecurity Disclosures

One year after passing the Cybersecurity Disclosure Rule, the SEC cracks down on misleading cybersecurity disclosures. The SEC has imposed almost $7 million in fines on U.S. tech companies based on disclosures that left investors without a complete scope of cyber risk management and response processes.

Six Ways to Configure Radar Compliance

Whether you’re assessing an event to determine regulatory obligations or internal stakeholder notification requirements, Radar® Compliance solves the challenges of ever-shifting regulatory expectations, delivers event-based disclosure guidance, and helps ensure consistent, documented, and timely reporting. Here are 6 ways Radar® Compliance can simplify obligation requirements and notification obligations at your organization.

Seven Risks to Organizational Compliance

Upholding compliance requires an organization-wide effort. In today’s digital landscape, there is no short supply of risks that organizations must be aware of in order to maintain compliance and avoid potential penalties or breaches. To help build awareness and mitigate harm, let’s explore the 7 common risks that hinder compliance efforts.

Cyber Threats and Risk Amplification

As organizations operationalize the latest SEC cyber event reporting obligations, the time is ripe to discuss not only how cyber events are reported, but who owns cyber risk, and how collaboration can reduce organizational risk.

Key Trends in AI Governance: Insights from IAPP GPS 2026