APAC CIO Outlook
    The Building Blocks of Cyber Security Compliance

    Sasha Kalb, Vice President, Risk and Compliance, Asia Pacific, American Express Global Business Travel


    In the increasingly complex environment of regulatory enforcement, it is crucial that organizations today are Compliance-aware. Corruption and bribery, data privacy, extensive use of third parties, and employee duty of care are all areas that must be the focus of any comprehensive Compliance program. Increasingly, cyber security must be added to this list. Cyber attacks are becoming more common and sophisticated. When such attacks occur, the damage to an organization can be overwhelming, highly publicized and immediate.

    While many people are hesitant to discuss cyber security due to its heavily technical nature, the theory behind building a cyber security program is the same as for any Compliance discipline. Of course, there is a highly specialized element, for which information technology expertise is required; however, the organizational elements that support this are consistent with a basic Compliance risk management program. Such elements include:

    Training

    Many cyber security incidents are caused by individuals falling victim to phishing or social engineering scams.

    It is critical that employees are trained to be security aware. Cyber security training should be added to a regular training roster, alongside other disciplines, such as sanctions and anti-corruption.

    Testing

    Testing employees’ knowledge is important for gauging true awareness. Within my organisation, we run phishing tests designed to train our employees. This is done through highly tailored e-mails that are designed to look legitimate, but are actually false phishing attempts. Any employee who falls victim to the tests is required to take additional training.

    Ad hoc communications

    Never waste an opportunity to use a good crisis. Take advantage of events in the news media to raise awareness and train employees.

    Physical security

    Remember that cyber security is reliant on both information technology and physical security. Are your offices secure? Do your company’s computers auto-lock after a period of inactivity? These are important considerations.

    Incident response

    When there is an allegation, or confirmed incident, the corporate response should be the same as for any compliance incident – it is crucial to follow company procedure exactly. Companies should mobilize their incident response and investigation teams, and react with appropriate speed and resources.

    Following the recent cyber attack on Yahoo!, the Yahoo Board investigation noted that the company’s failures in areas such as communication, management, and internal reporting resulted in a lack of proper handling of the breach. These failures contributed to the flow of negative news and shareholder lawsuits, resulting in a drop in sale price and losses in personnel.

    As with any other risk area, a strong Compliance program is the best way to protect an organization from the effects of a cyber breach. A truly comprehensive program should include elements of policy, training and communication to help prevent an occurrence; testing and monitoring to help detect a potential breach; and processes around investigation and remediation, as a best-practice response should a breach occur.


    Copyright © 2023 APAC CIOoutlook. All rights reserved. Registration on or use of this site constitutes acceptance of our Terms of Use and Privacy and Anti Spam Policy 
