Apac
  • Home
  • CXO Insights
  • CIO Speaks
  • Partner Conferences
  • Newsletter
  • Whitepaper
  • News
  • About us
Apac

  • Admired Tech

    Agile

    AI Healthcare

    Artificial Intelligence

    Augmented Reality

    Aviation

    Big Data

    Blockchain

    Cloud

    Cyber Security

    DevOps

    Digital Transformation

    Drone

    HPC

    Infrared

    Internet of Things

    IT Services

    Marine Tech

    Networking

    Plastic Tech

    PropTech

    Robotics

    Sensor Tech

    Simulation

    Smart City

    Software Testing

    Startup

    Storage

    Unified Communication

    Web Development

    Wireless

  • Automotive

    Banking

    Capital Market

    Construction

    E-Commerce

    Education

    FinTech

    Food and Beverages

    Gov and Public

    Healthcare

    Insurance

    Legal

    Logistics

    Manufacturing

    Media and Entertainment

    Metals and Mining

    Pharma and Life Science

    Retail

    Sports

    Travel and Hospitality

  • CISCO

    Google

    IBM

    Microsoft

    Oracle

    Salesforce

    SAP

    ServiceNow

  • Business Intelligence

    CEM

    Cloud-based Planning

    Cognitive

    Collaboration

    Compliance

    Contact Center

    Corporate Finance

    CRM

    Custom Software Development

    Data Center

    Digital Signage

    Enterprise Architecture

    Enterprise Asset Management

    Enterprise Communications

    Enterprise Performance Management

    ERP

    Facility Management

    Field Service

    Fleet Management

    Gamification

    HR Technology

    IT Infrastructure

    IT Service Management

    Managed Services

    PLM

    Procurement

    Project Management

    RegTech

    Revenue Management

    Sales Tech

Menu
    • Compliance
    • Augmented Reality
    • Banking
    • Blockchain
    • Cloud-based Planning
    • Cognitive
    • Construction
    • Content Management System
    • Custom Software Development
    • Cyber Security
    • E-Commerce
    • Enterprise Architecture
    • Food and Beverages
    • Gov and Public
    • HPC
    • HR Technology
    • Logistics
    • Managed Services
    • Manufacturing
    • Oracle
    • Pharma and Life Science
    • Wireless
    More
    Cyber Security E-Commerce Enterprise Architecture Food and Beverages Gov and Public HPC HR Technology Logistics Managed Services Manufacturing Oracle Pharma and Life Science Wireless
    #

    Apac CIO Outlook Weekly Brief

    ×

    Be first to read the latest tech news, Industry Leader's Insights, and CIO interviews of medium and large enterprises exclusively from Apac CIO Outlook

    Subscribe

    loading

    THANK YOU FOR SUBSCRIBING

    • Home
    • Compliance
    Editor's Pick (1 - 4 of 8)
    left
    Security and Compliance-focused IT Approach-key for Business Success

    Daniel Hughes, CIO, Elementis Global

    Welcoming Big Data Technology amidst Changes

    Darren Cockrel, CIO, Coyote Logistics

    Leveraging Compliance to Your Advantage

    Mark Bloom, Global CIO, Aegon

    Demystifying the Role of IT in Millennial Organizations

    Jeff Fithian, VP, Strategic Initiatives and CIO, Dynamic Materials Corporation

    Productivity and Security- Can you ever have both?

    Julie Cullivan, SVP, Business Operations & CIO, Fireeye

    Lessons Learned from a CIO

    John Miller, Vice President and CIO, American Textile Company

    Enhancing Compliance Automation Efforts Step-by-Step

    Amy Matsuo, Principal, Global Leader for Compliance Transformation Solutions, KPMG (US)

    Technology and Compliance - The Ever-changing Landscape

    Terrence Lim, CRO, ZhongAn Technologies International Group Limited

    right

    The Building Blocks of Cyber Security Compliance

    By Sasha Kalb, Vice President, Risk and Compliance, Asia Pacific, American Express Global Business Travel

    Tweet
    content-image

    Sasha Kalb, Vice President, Risk and Compliance, Asia Pacific, American Express Global Business Travel

    In the increasingly complex environment of regulatory enforcement, it is crucial that organizations today are Compliance-aware. Corruption and bribery, data privacy, extensive use of third parties, and employee duty of care, are all areas that must be the focus of any comprehensive Compliance program. Increasingly, cyber security must be added to this list. Cyber attacks are becoming more common and sophisticated. When such attacks occur, the damage to an organization can be overwhelming, highly publicized and immediate.

    While many people are hesitant to discuss cyber security due to its heavily technical nature, the theory behind building a cyber security program is the same as any Compliance discipline. Of course, there is a highly specialized element, for which information technology expertise is required; however the organizational elements that support this are consistent with a basic Compliance risk management program. Such elements include:

    Training

    Many cyber security incidents are caused by individuals falling victim to phishing or social engineering scams.

    It is critical that employees are trained to be security aware. Cyber security training should be added to a regular training roster, alongside other disciplines, such as sanctions and anti-corruption.

    Testing

    Testing employees’ knowledge is important for gauging true awareness. Within my organisation, we run phishing tests designed to train our employees. This is done through highly tailored e-mails that are designed to look legitimate, but are actually false phishing attempts. Any employee who falls victim to the tests is required to take additional training.

    Ad hoc communications

    Never waste an opportunity to use a good crisis. Take advantage of events in the news media to raise awareness and train employees.

    Physical security

    Remember that cyber security is reliant on both information technology and physical security. Are your offices secure? Do your company’s computers auto-lock after a period of inactivity? These are important considerations.

    Incident response

    When there is an allegation, or confirmed incident, the corporate response should be the same as for any compliance incident – it is crucial to follow company procedure exactly. Companies should mobilize their incident response and investigation teams, and react with appropriate speed and resources.

    Following the recent cyber attack on Yahoo!, the Yahoo Board investigation noted that the company’s failures in areas such as communication, management, and internal reporting resulted in a lack of proper handling of the breach. These failures contributed to the flow of negative news, shareholder lawsuits, resulting in a drop in sale price, and losses in personnel.

    As with any other risk area, a strong Compliance program is the best way to protect an organization from the effects of a cyber breach. A truly comprehensive program should include elements of policy, training and communication to help prevent an occurrence; testing and monitoring to help detect a potential breach; and processes around investigation and remediation, as a best-practice response should a breach occur.

    tag

    Information Technology

    Physical Security

    cyber attack

    Weekly Brief

    loading

    Featured Vendor

    • Deep Identity: A Deeper Look into Identity Management
      Deep Identity: A Deeper Look into Identity Management
    Top 10 Compliance Solution Companies - 2019
    Top 10 Compliance Consulting/Services Companies - 2019
    ON THE DECK

    Compliance 2019

    Top Vendors

    Compliance 2018

    Top Vendors

    Compliance 2017

    Top Vendors

    Compliance 2016

    Top Vendors

    Previous Next

    Read Also

    The Battle Of David & Goliath Within The Retail Landscape

    The Battle Of David & Goliath Within The Retail Landscape
    Vlad Yakubson, Head Of Retail, Yd.
    Retail Is Detail They Say

    Retail Is Detail They Say
    Stuart Freer, Chief Digital Officer, Mecca Brands
    Retail Technology, Now

    Retail Technology, Now
    Paul Pritchard, COO, Overdose
    Is Collaboration More Important Than Technology For Success

    Is Collaboration More Important Than Technology For Success
    Ben Berger, Head Of Product, The Iconic
    The Rise Of The Enabler

    The Rise Of The Enabler
    Amit Thard, Head Of Ecommerce, Sea, Stanley Black & Decker, Inc.
    How Have Recent Advancements in Enterprise Architecture Been Impacting Businesses?

    How Have Recent Advancements in Enterprise Architecture Been Impacting Businesses?
    Paul Allen, Enterprise Architect, Qantas
    Impact of Technology Trends on the Airline Industry

    Impact of Technology Trends on the Airline Industry
    Eric Leopold, Director, Financial and Distribution Systems Transformation, International Air Transport Association
    Drone Integration in the Safety Related Aviation World

    Drone Integration in the Safety Related Aviation World
    Kristof Lamont, Air Traffic Management, Cyber Security Senior Expert, Eurocontrol
    Loading...

    Copyright © 2020 APAC CIOoutlook. All rights reserved. Registration on or use of this site constitutes acceptance of our Terms of Use and Privacy Policy  |  Sitemap |  Subscribe

    follow on linkedinfollow on twitter follow on rss
    This content is copyright protected

    However, if you would like to share the information in this article, you may use the link below:

    https://compliance.apacciooutlook.com/cxoinsights/the-building-blocks-of-cyber-security-compliance-nwid-4399.html