Blog - data breach reporting

DORA Compliance and Third-Party Risk Assessment

As the digital threat landscape evolves, no risk exists in a vacuum. With the increased reliance on third-party vendors, the risks organizations face from cyber threats can have impacts extending beyond the company, posing potential harm to consumers and even entire economies. To mitigate the fallout of cyber threats that arise through third-party vendors, the Digital Operational Resilience Act (DORA) is a pivotal regulation that aims to enhance information and communication technology (ICT) risk management and cybersecurity reporting through stringent oversight of third-party vendors.

CSIN Incident Response Planning

As new regulations aim at consumer and investor protections, the increased scrutiny of risk management, incident response, and business continuity planning is now a Board-level issue, and cyber event reporting and risk mitigation are crucial concerns for boards of directors across industries. How you plan to communicate risks during incident response is integral to compliant decision-making and escalation processes for CSIN reporting.

After the Incident: Navigating Notification Obligations

Imagine this: Your financial services organization handles sensitive customer information and falls victim to a ransomware attack. An employee clicks on a phishing email, triggering a series of events that compromise your systems. You make a ransom payment to regain access, only to discover that personal customer data was stolen. Now, you face a maze of notification requirements.

Episode 4: Keeping Up with the SEC | On Your Radar Podcast

We’re back with another episode of the On Your Radar podcast! In this week’s episode, we sit down with Bob Zukis, author, partner at PricewaterhouseCoopers, professor, and currently the CEO of the Digital Directors Network, to discuss keeping up with the SEC cybersecurity disclosure rules.

Episode 3: Briefing the Board | On Your Radar Podcast

We’re back with another episode of On Your Radar! In this week’s episode of our podcast, we sit down with Tami Dokken, lawyer and data privacy expert, to discuss privacy best practices for briefing the board. Tune in to find out what information leadership and the board really want from the privacy team and how to best prepare.

SEC Amendments Make Cybersecurity Disclosure a Board-level Issue

To better understand what the SEC disclosure rules and the announced amendments mean for organizations, C-suite executives, and Board-level stakeholders, RadarFirst CEO Don India met with privacy, cyber, and risk experts to investigate why the SEC amendments make cybersecurity disclosure a Board-level issue.