Identifying and leveraging reliable information sources is a useful starting point for risk professionals looking to solidify their good practices for the year ahead.

There is no crystal ball to forecast the future; however, organizations can make informed predictions about cybersecurity in ...

A fresh start for IT auditors in 2025 is possible, but closing out lingering loose ends from last year likely requires ...

Applying Generative AI to the audit profession can be done more effectively when the data involved is examined carefully to ensure its quality is reliable.

In today’s evolving landscape of organizational governance, the role of the risk manager is more crucial than ever. In the ...

The involvement of cybersecurity teams in AI development is essential for organizations to harness the full potential of AI ...

At the end of my previous column,1 I briefly discussed the fact that the NIST CSF 2.0 calls for “a hierarchy of executives, managers and practitioners not stated in the previous version.” This is not ...

The ever-growing complexity and frequency of cyberattacks have forced organizations to rethink their strategies for managing security incidents. A well-developed and efficiently executed incident ...

In today’s evolving landscape of organizational governance, the role of the risk manager is more crucial than ever. Risk managers are tasked with identifying, assessing, and mitigating risk to ensure ...

Discussions about privacy often devolve into lamentations about how complex the privacy regulatory landscape is, and for good reason. More than 130 countries have privacy laws, and enterprises may ...

Threat actors pose an increasing danger to any organization’s digital trustworthiness. Criminals go where the money is. For instance, executing a ransomware attack is usually going to be more ...