Cybersecurity
Collection

Cyber resilience is an organization’s ability to detect, prevent, respond to, recover from and learn from cybersecurity disruptions. Our cybersecurity collection explores common issues and trends, and what organizations must do to prepare proactive and reactive solutions and keep their assets safe.

Featured Insights

2025 Report on Top Risks
Read Protiviti's Top Risks Report 2025 covering executives' views on emerging risks related to AI, cyber threats, talent management, and economic...

Understanding the Impact of the EU AI Act: A Primer for Financial Institutions
Navigate the EU AI Act's impact on finance with our strategic guide to compliance and ethical AI use.

NIST unveils post-quantum cryptography standards. What does it mean?
Earlier this month, the National Institute of Standards and Technology (NIST) approved three post-quantum cryptography (PQC) standards that constitute...

The SEC’s Cyber Disclosure Rules: Lessons Learned So Far In Year One
What qualifies as a material cybersecurity incident? Can we estimate our potential losses and the effects of business disruption? What were our...

Digital Identity

Rural Lifestyle Retailer Builds Customer Loyalty With Enhanced CIAM Strategy
Protiviti partnered with a rural lifestyle retailer client to assess its Customer Identity and Access Management (CIAM) program and architecture. ...

NIST Releases Version 2.0 of Its Cybersecurity Framework (CSF): What This Means for Your Organisation
On February 26, 2024, The National Institute of Standards and Technology (NIST) released version 2.0 of its updated and widely used Cybersecurity...

IAM in Operational Technology: How and Where to Make it Work
By now, it is understood that effective identity and access management (IAM) is critical to an organization’s cybersecurity program and is now...

Emerging Trends in IAM Part 4: Going Passwordless with the FIDO Use Case
The hybridization of the workforce and subsequent challenges within the IAM world has resulted in many organizations beginning (or reimagining) their...

Data Privacy & Protection

Did China break encryption? Protiviti’s quantum director sets the record straight
“Let’s say the claims are true. Let’s pretend it’s not some nation-state psy-op to try and freak out the West of something. Even if the claims are 100...

Best Practices for Building a Sustainable PCI DSS Compliance Program
Creating and maintaining a sustainable PCI DSS compliance program is a crucial and complex task for organisations to protect payment card transactions...

Future of Privacy Forum CEO Jules Polonetsky on “exciting but risky” road ahead
“For better or worse, the dam burst and everyone, from the most conservative organization to the wildest startup, is rolling out [AI] stuff that comes...

Put Privacy First To Build Trust and Elevate the Customer Experience
This blog was originally posted on Forbes.com. Kim Bozzella is a member of the Forbes Technology Council.
Here's a problem I often see: Most...

Security Resilience

Digital Twins: Adopting a Data-Centric Approach to Mature Resilience
Operational resilience – the ability for firms to prevent, adapt, respond to, recover and learn from operational disruptions – is a common concern for...

The Strategic Imperative of Enterprise Resilience
In a volatile business environment, the concept of resilience has emerged as a cornerstone of strategic management. More than just a trendy concept,...

SEC rebuked in SolarWinds decision. What does it mean?
U.S. District Judge Paul Engelmayer has dismissed most of the charges made by the U.S. Securities and Exchange Commission (SEC) against software...

DORA Compliance: Untangling Key Hurdles to Implementation
The Digital Operational Resilience Act (DORA), or more formally known as Regulation (EU) 2022/2554, took effect on 16 January 2023, with final...

Security Strategy & Architecture

The DoD unveils the Cybersecurity Maturity Model Certification Program: A primer for defense contractors
As cybersecurity threats evolve, the U.S. Department of Defense (DoD) has introduced a long-awaited pivotal framework aimed at bolstering the security...

Low-Code Applications Yield High Value, Big Change in Less Time
The big picture: Deploying enterprise technology systems and tools often is cumbersome and hampered by complex configurations, lengthy implementations...

Protecting data and minimizing threats with Microsoft’s Sarah Armstrong-Smith
“When we're talking about cyber-attacks, data breaches, intellectual property theft, whichever way you want to look at it, ultimately it'll come down...

CPO or no? Protiviti’s Tom Moore on the evolution of the privacy role and its uncertain future
When Google, a company estimated to hold between 10 and 15 exabytes of data — or the storage power of about 30 million PCs — makes a potentially game...