‘”When this settles out, a large group of users are not coming back to the office ever,” he says. “What we have to think in terms of is hardened users and hardened user practices because they will always be the weak link in the security chain. We need to find a new balance.”
With a remote workforce, security can be more challenging for Mac-reliant companies, especially because the platform is becoming a greater target of attackers’.
Robert Lemos via darkreading.com.
‘Facilitating ransomware payments to sanctioned hackers may be illegal, the U.S. Treasury said …, signaling a crackdown on the fast-growing market for consultants who help organizations pay off cybercriminals.’
Raphael Satter via reuters.com
‘With limited time and little background in cybersecurity, M&A teams tend to focus on more urgent transactional areas of the deal process, including negotiating key business terms, business and market trend analysis, accounting, debt financing and internal approvals. With only 2-3 months to evaluate a transaction before signing, cybersecurity typically only receives a limited amount of focus.
When cybersecurity issues are evaluated, they are heavily reliant on disclosures from the seller regarding past issues and internal controls that are in place. Of course, sellers cannot disclose what they do not know, and most organizations are ignorant of attackers who may already be in their networks or significant vulnerabilities that are unknown to them. Unfortunately, this assessment is a one-way conversation that is reliant on truthful and comprehensive disclosures from sellers, lending new meaning to the phrase caveat emptor.
For this reason, it’s no coincidence that a recent poll of IT professionals by Forescout showed that 65% of respondents expressed buyer’s remorse due to cybersecurity issues.’
Rob Gurzeev via techcrunch.com
The ROI of an Effective Ethics and Compliance Program Compliance isn’t just good business practice—it’s also profitable – The Compliance and Ethics Blog (The Compliance and Ethics Blog)
‘For decades, executives have seen their ethics and compliance program as a cost center within their businesses. But that view is dated—and it’s on us, as compliance leaders, to demonstrate why. Fortunately, there’s a landslide of data on our side.
We are now at a place where there is sufficient data, academic research and actual use cases from corporations and businesses to prove that a good ethics and compliance program is not simply good for business—but, properly used, will lead to greater profitability.’
Tom Fox via complianceandethics.org