As we approach the end of 2017 and reflect on the past year, it’s hard to ignore the recent surge in cybercrime and the financial, operational, and reputational losses that breaches have caused portfolio companies and M&A targets. Some notable examples include the $350 million (7%) deal adjustment on the Yahoo acquisition as well as the Whole Foods breach announcement that followed their acquisition by Amazon.
This is the first post in a series of cybersecurity tips and tricks from ACA Aponix's team of experienced consultants.
The world of enterprise IT security is rapidly changing. Even as the leading public cloud service providers have become more secure, customer concerns around securing their cloud environments remain high. According to a recent survey of security practitioners, security is the top barrier to cloud adoption. Organizations deploying workloads on Amazon Web Services (“AWS”) at scale are faced with new challenges because traditional tools and controls that worked well for security and compliance in the datacenter fail in public cloud environments.
The FCA identified cybsersecurity as a top priority in their recently published 2017/18 Business Plan. In the plan, FCA Chairman John Griffith-Jones said, "Of the increasing risk areas that we have identified, one in particular stands out – cyber resilience. Cyber-attacks are increasing in number, scale and sophistication."
Information technology plays a central role in your business, so it’s important that your firm have a platform for managing its IT and cybersecurity risks. In part two of our Introduction to Risk Management webcast series, ACA Aponix's Raj Bakhru and Pascal Busnel will demonstrate the upcoming ACA Aponix module within ComplianceAlpha, ACA’s new compliance program management platform.
Last week the New York State Department of Financial Services closed its request for comments on its new cyber regulations, Article 23 Part 500 ("NYS-DFS 23 NYCRR 500"). The rule will require new cybersecurity measures for firms that meet the rules’ definition of “Covered Entity.” Among other things, firms will be required to self-certify their compliance (see Appendix A of Part 500).
This October, ACA Aponix will once again participate in the Stop.Think.Connect Campaign for National Cyber Security Awareness Month (NSCAM). Each week, we will feature a different theme and send you tips and best practices that can be applied to your life both in and outside of the office. These tips can be shared with your organization as appropriate.
This Year's Themes
Our 2016 campaign will feature the following themes: