Results for Search Submit Filter by: Advanced Filter All results Solutions Industry Typelist People Client Story Insights/Blogs Sort by: Relevance Date Filter Search Sort by RelevanceDate Order AscDesc Blog February 20, 2014 Ethics in Corporate Governance: “Walking the Talk” If it’s true you can’t legislate morality – and all evidence, including but certainly not limited to corporate malfeasance such as the Enron and Worldcom scandals or the questionable corporate behavior of reckless risk-taking to maximize short-term profits and compensation (under “heads I win, tails you lose” compensation structures that left shareholders with the short stick) that contributed to… Blog February 28, 2014 Cybersecurity Framework: Where Do We Go From Here? Protiviti just published a Flash Report on the National Institute of Standards and Technology’s (NIST) final version of its Framework for Improving Critical Infrastructure Cybersecurity. I highly recommend that anyone involved in cybersecurity in their organization become familiar with the NIST Framework by reading our report. This framework could end up being the new game in town. Just over a… Blog March 7, 2018 Understanding Server Message Block from the Ground Up The Server Message Block (SMB) is an integral part of any successful organization’s technology assets. In this blog post, we’ll take an easily digestible look at SMB, including its history, why and how it is used and what SMB is used for during penetration tests. SMB was first referenced as “IBM PC Network SMB Protocol” in a 1985 document by IBM, and in 1987 as “Microsoft Networks/OpenNet-FILE… Blog March 7, 2018 Saving Analytical Data Without Violating GDPR With an effective date less than four months away, the General Data Protection Regulation (GDPR), known officially as "REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016," is becoming a pressing concern for companies inside and outside the European Union (EU). Broadly, the regulation specifies that personal data protection of natural persons residing in… Blog March 8, 2018 Security Advisory: Meltdown and Spectre – Processor Flaws Expose Networks to New Class of Vulnerabilities Security researchers have identified a flaw, present in most computer processors, that allows unauthorized disclosure of information. The flaw, which affects most major processor manufacturers, is the first known instance of a security vulnerability at the processor level, and could be exploited in servers, workstations (including laptops), network infrastructure, mobile devices, IoT devices and… Blog March 12, 2018 New IT Security Awareness Learning Library Designed to Help Workers Become Frontline Cyber Defenders for Their Employers Taking advantage of a user’s poor security practices is often a critical first step for malicious hackers or other cybercriminals seeking to compromise an organization’s systems and data. More than 80 percent of hacking-related breaches leveraged stolen or weak passwords, according to research for the 2017 Data Breach Investigations Report from Verizon. The report also says that about… Blog March 14, 2018 Undetected Breaches and Ransomware Change How We Think About Cybersecurity Undetected Breaches and Ransomware Change How We Think About Cybersecurity As new possibilities in information technology continue to transform organizations, they may outpace any cybersecurity protections already in place. Controls that seemed adequate yesterday might not be equal to the challenges presented by new technology and ever-evolving threats today. Our issue of Board Perspectives:… Blog March 19, 2018 Recent Roundtable Perspectives on Cloud Security As cloud adoption accelerates within well-established businesses and emerges across nearly all industries and company sizes, security executives have been presented with thematic challenges to managing cloud governance, security, and regulatory risk. Protiviti recently held a roundtable of Chicago-area CISOs and Security Leaders to discuss the thematic challenges, share strategies, and gain… Blog March 20, 2018 Even After Patching, Meltdown & Spectre Continue to be a Big Deal First, a recap of the vulnerability For the first time, performance-enhancing features of most modern processors (known as out-of-order superscalar execution, speculative prediction, and HW caching) were discovered to contain (as a unit) a flaw that allows unauthorized disclosure of information. The fact that this flaw is at the processor level differentiates it from other potential… Blog March 26, 2018 What’s Ahead in Vendor Assessments? Rapidly changing information security threats and regulatory requirements continue to put pressure on vendor risk management programs and capabilities for all organizations globally. We anticipate that the number and comprehensiveness of vendor assessments required of, and conducted by, organizations will continue to substantially increase in 2018 and into 2019 before the requests begin to… Load More
