Insight Search

Video | December 17, 2018
Video - Vulnerability Assessment and Penetration Testing
Vulnerability Assessment and Penetration Testing are the first steps to mitigate the risk of cybercrime. Protiviti helps organizations with a full range of security and privacy services. Our experts attempt to gain access to sensitive target data using common hacking techniques, spear phishing and specialized malware. How do you know whether your organization is protected and your customer data is…

Newsletter | May 10, 2022
SIFMA Quantum Dawn VI
A Decade of Testing and Resilience
Over the past 10 years, the Securities Industry and Financial Markets Association (SIFMA) has coordinated a series of industrywide resilience exercises known as Quantum Dawn. These exercises provide a forum for financial firms, regulatory bodies, central banks, law enforcement, government agencies, trade associations and information-sharing organisations to…

Blogs | January 11, 2023
For $62.59, the 8 Character Password is Still Dead
Five years ago, we wrote a post called “The 8 Character Password is Dead,” which was an in-depth look at password cracking in 2017 and how eight-character passwords do not adequately protect organisations. In that analysis, we broke down the math and how quickly hardware purchased for under $5,000 could make an eight-character length irrelevant. Unfortunately, in just five years’ time, the…

Blogs | January 13, 2023
The Evolution of Attacker Behavior: 3 Case Studies
This blog post was authored by Mike Ortlieb, Director, Security and Privacy and Chris Porter, Associate Director, Security and Privacy on The Technology Insights Blog. Threat actors are an ever-evolving species. Portrayed in popular advertising as guys dressed in black, probably sporting a ski mask, the harsh reality is that these bad actors are everywhere and are getting more creative…

Whitepaper | January 29, 2018
China’s Cybersecurity Law and its Impacts - Key Requirements Businesses Need to Understand to Ensure Compliance
On June 1, 2017, China’s Cybersecurity Law went into effect, marking an important milestone in China’s efforts to create strict guidelines on cyber governance. Long before the Cybersecurity Law took effect, China had already made some efforts to strengthen information security. For example, a white paper titled The Internet in China, published in 2010, served as an early guide to China’s policy…

Blogs | April 6, 2023
3 Steps to Understanding IAM Challenges in Securing the DevSecOps Ecosystem
DevSecOps is an organisational software engineering culture and practice that aims at unifying software development (Dev), application security (Sec), and operations (Ops). The main characteristic of DevSecOps is to monitor and apply security at all phases of the software lifecycle: Planning, development, integration, delivery, deployment and production. Looking at DevSecOps through an IT…

Flash Report | July 31, 2023
SEC Cybersecurity Disclosure Enhancements: Efforts to Boost Investor Confidence
On 26 July 2023, the U.S. Securities and Exchange Commission (SEC) adopted amendments to its rules on cybersecurity risk management, strategy, governance and incident reporting by public companies subject to the reporting requirements of the Securities Exchange Act of 1934. The SEC’s view is that cybersecurity threats and incidents pose an ongoing risk to public companies, investors and market…

Blogs | July 14, 2023
Smart contracts part 1: What is a smart contract?
In recent years, there’s been considerable talk of blockchain and its use cases in the business world. While some of these topics have specific use cases – metaverse, decentralised finance, etc – there is one topic that underpins everything in the blockchain and decentralised space: smart contracts. Smart contracts are behind-the-scenes applications that route data, track changes and settle…

Blogs | July 14, 2023
Cybersecurity risk assessments vs. gap assessments: Why both matter
This blog post was authored by Rob Woltering - Associate Director, Security and Privacy on the technology insights blog. As cybersecurity incidents continue to make headlines, whether involving the breach of sensitive information or the halting of an enterprise’s operations, cybersecurity risks remain top of mind for many organisations. To this end, organisations are continuously…

Whitepaper | February 21, 2023
ISO 27001: 2022 - Key Changes and Approaches to Transition
This article will address the changes and updates to ISO 27001 standard published on October 25, 2022, and the approaches organizations can take to implement the changes introduced. There have been significant advancements in technology, as well as an increase in the complexity of security threats since the last iteration of ISO 27001 was published on September 25, 2013. The changes introduced in…