When digital transformation projects are well underway, significant risks remain. In a competitive business environment, companies are under increasing pressure to cut costs and improve efficiency. Over the last few years, this has resulted in a digital transformation drive with firms embracing technologies such as cloud, internet of things and artificial intelligence (AI).
Chris Roberts, an adviser at Attivo Networks, concurs that role-based access control (RBAC) must be enabled for robust Kubernetes security, and adds that many elements of a strong security posture remain relevant in container environments: Good policies, procedures, and controls at the user, application, and network layer; separate and segmentation (including firewalls) where possible; rotating encryption keys; and strong education and integrations among different roles and teams.
There are more U.S. breach notifications laws than Baskin Robbins ice cream flavors, and the inconsistency of these laws will continue to cause confusion and compliance challenges for companies throughout 2019. We will see an increase in fines levied and potential jail time for those who do not meet the expectation of these measures. States like California, Rhode Island, and Massachusetts have all been very aggressive in their enforcement of these laws, a trend likely to be closely followed throughout the next year. Many organisations struggle with the lack of clarity of breach disclosure definitions and expectations. States that create notification laws that include defined processes will help organisations be better prepared and compliant to disclosure strategies in the event of a breach. This will promote more strategic thought processes for recording and reporting incidents and will reinforce that it is no longer enough to quickly notify on a breach incident, they will also need to accurately identify the full impact of the event. Going forward, organisations will be expected to fully understand how widespread the attack was, how deeply the attacker penetrated, and how to set the right controls in place to prevent their return.”
The past 12 months have been a maze of cyber security challenges, ranging from the almost constant data breach headlines to the introduction of that little thing call the GDPR. Now, as 2019 comes rushing up to greet us, what can we expect to see dominating the industry? Below are just a few of the predictions we’re making…
Why the financial sector’s risk management approach has changed significantly in recent years. The financial sector’s risk management approach has changed significantly in recent years. While some of these changes were expected, such as continued constricted regulations, others were less expected, including an increasing realisation that cyber and financial crime are closely-linked, and need to …
Almost 70% of businesses experienced at least one hacking incident in the last year, according to a study of business risk managers released on Wednesday by The Hartford Steam Boiler Inspection and Insurance Company (HSB), part of Munich Re.