The General Data Protection Regulation (GDPR) is the European Union's data protection regulation coming into force in 2018.
The survey results suggested that people are tired of trying to keep themselves safe online. They feel that their efforts are likely in vain and that only luck will save them and their employer from being hacked, and that it is inevitable that it will happen eventually... What can be done to prevent this feeling impacting the cybersecurity of your staff and your organisation?
GDPR (General Data Protection Regulation) is the "upgrade" to the Data Protection Directive (implemented in the UK under the Data Protection Act), and it comes into force in May 2018. There has been a fair bit of coverage in the press about GDPR, not all of it well informed, and some of it quite negative. With so much of our data being shared with companies, having strong data protection that understands the nature of the way that information is shared and stored, and the way that business is conducted these days, is vitally important...
Intrusion protection software and hardware look for unusual activity that touches on anomalies and events in the NIST Detect Framework function. An anomaly is something that has taken place which would not usually take place.
As the National Institute of Standards and Technology outlines, to manage cyber-risk, organizations should understand the likelihood that an event will occur and the resulting impact. With this information, organizations can determine the acceptable level of risk for delivery of services and can express this as their risk tolerance.
My 3-part series of blogs on CIO's changing priorities have focused on the recent CIO Survey 2016 published by Harvey Nash & KPMG, which has described how the role of the CIO is changing.
On December 15, 2015, the European Parliament and the European Council agreed the EU Data Protection Reform, promising to make Europe fit for the digital age, but what is the General Data Protection Regulation (GDPR), what is its scope, and what do organisations need to do to comply with this new regulation? In part one of this two-part article, Darren Wray discusses the scope and some of the differences between the existing European data protection legislation and the changes that the GDPR brings...
There is growing awareness of a skills shortage in Security and Resiliency. 41% of CIOs define Big Data, along with the increased probability of a Cyber-attack, as a critical priority for them.
The role of the CIO around the world is changing; that is the case in New York, London, Singapore and Bermuda. In my latest article published in Bermuda's Royal Gazette I talk about what the changes are, and what they mean for Bermuda and the CIOs that are based there.
Fifth Step attended a pre-Monte Carlo Rendez-Vous briefing during which a number of topics and themes were raised that touch on areas of interest to our clients. The first speaker at the conference, for example, outlined the challenge of change and the importance of managing disruption in the 21st Century as being a critical business asset.
The recent CIO Survey 2016 published by Harvey Nash & KPMG has described how the role of the CIO is changing for the better. Yet with more CIOs becoming board members, the impact of projects failing on their watch has never been more of a risk.
The re/insurance industry’s current understanding of cyber is not good enough, meaning large and potentially interconnected cyber events can’t be predicted accurately. “The cyber market now is where the natural catastrophe market was in the early 2000s,” said Darren Wray, chief executive officer of boutique consultancy firm Fifth Step.
Darren Wray, CEO, Fifth Step, said in a new A.M. BestTV video that regulators have been demanding that financial services firms develop response plans to cyber-related incidents.
From a governance perspective, any co-sourcing or out-source contract can only out-source the function, not the responsibility. Any organisation that is working with third parties to provide functions needs to have a vendor management system in place.
There are many reasons why businesses should consider flexible co-sourced arrangements as well as the benefits that consulting resources can bring. As I have highlighted in a previous blog, when it comes to maximising your cyber resources, we can choose from a spectrum ranging from full time employees – a vital resource but the least flexible – to co-sourcing.