Ananya Mishra discusses the risk environment of retail giant Walmart within the context of the company’s interest in expanding its global reach. However, these expansion efforts will undoubtedly come with increased risks, including regulatory, cybersecurity, operational, and compliance. Looking at both the industry and Walmart’s past areas of challenge, the author argues for ways the retailer can mitigate risks in these areas
Read MoreCybersecurity
Password Security: Protecting the Front Door
Matthew Karyadi discusses how account passwords represent the “front door” in terms of the security of accounts and systems for organizations and individuals alike. When a password is compromised, this control failure poses a significant risk for both organizations and individuals. This paper explores the weaknesses and vulnerabilities in password controls, examines existing standards and frameworks, and recommends potential updates to these standards and measures to shore up password security for companies and individuals alike.
Read MoreCompliance and Breaches: A VMware Inc. Analysis
Elbert Cheng discusses the evolution of virtual machine (VM) technologies, and the story of VMware Inc. Due to VMware Inc.’s international nature, the organization must comply with the laws and policies across the globe. Relatively recent compliance requirements, such as the European Union’s General Data Protection Regulation (GDPR), have changed the operating and compliance landscape. Due to the high-profile clients who uses VMware’s technology, breaches and vulnerabilities pose a major risk in the technological space, consequently, the company has continued to evolve the way it responds to these changing risk conditions.
Read MoreZoombombing
Serah Prakkat discusses the privacy issues and risk exposures related to Zoombombing, the invasion of video meetings by malicious parties intent on disrupting teleconference sessions. Topics include the risk conditions that led to the issue, changes made by organizations, government regulations, and recommendations aimed at mitigating the risks and preventing the practice.
Read MoreAccenture's Technology Vision 2020 for Innovation DNA
Sophia Werner discusses how over three fourths of C-level executives believe that the stakes for innovation have never been higher. Yet, the world has also seen a rise in concern and expectation for handling security and privacy. Accenture's Technology Vision 2020 pushes for ideas that will take C-level companies' innovation in the right direction. It is a vision that advocates for constant innovation realized on a systems level and commoditized beyond its original purpose. As long as Accenture communicates that the company's brand image should be at the pinnacle, that innovation is done meticulously, and that updates are frequent, Technology Vision 2020 may also help reach the security and privacy levels the world has begun to demand as well.
Read MoreCybersecurity in the Pharmaceutical Industry
Allessandra Quevedo discusses the heightened levels of risk exposure spanning across the entire technological infrastructure connected to the pharmaceutical industry, from research and manufacturing, and from distribution and hospitals. Companies in the pharmaceutical industry contain increasingly growing (and massive) bodies of sensitive data, including proprietary information related to products as well as consumer healthcare information. Therefore, it is imperative that companies adapt systems and processes to making sure their proprietary and sensitive data remains secure and accessible from emerging cybersecurity threats.
Read MoreA Need for Increased Support of Cybersecurity Education
Peyton Lyons discusses the current state of cybersecurity education programs in the U.S. and the need for increased support from the government to meet the demands of the growing industry. This paper goes on to examine China and Israel to discuss how other countries are approaching cybersecurity education and how programs in the U.S. compare. With increasing demands for cybersecurity professionals, the U.S. needs to invest more in STEM education and offer hands-on learning opportunities that support developing the necessary skills to be successful in the cybersecurity industry.
Read MoreWash Your Hands and Update Your Software
Roger St. Louis discusses how cybercriminals are exploiting the new opportunities and exposures stemming from the coronavirus pandemic to increasingly acquire personal information and profit from the misery of others. As the coronavirus pandemic in 2020 has created new vulnerabilities, there is a need to strengthen cybersecurity approaches in three specifically categories
Read MoreIoT and SCADA Risk
Alex Osuch discusses the emerging risk associated with the new systems of automation and networked devices becoming embedded in the critical energy sector’s infrastructure. The nation’s energy infrastructure is becoming increasingly connected and continues to converge, producing new kinds of vulnerabilities and areas of exposure, including in the realm cybersecurity. This paper examines advanced metering, substation automation, and nation-state risks in the smart grid.
Read More#DeleteUber
Lee Segal discusses how the disruptive and once innovation company Uber has continued its downward spiral, with a growing number of stories emerging of executives making unethical decisions that will have lasting consequences for the company’s reputation and bottom-line.
Read MoreThe Internet of Things: A Dark Precursor
Kyle McNulty explores the growing risks associated with the spreading web of internet-enabled devices across consumers’ lives. The explosive proliferation of Internet-connected devices has resulted from rapid progress in technology and expanding demand for internet-connected capabilities from consumers. However, this technological advancement and consumer behavior has also created a significant vulnerability
Read MorePrivacy in the Age of Big Data
Zhuo Shan discusses discusses the various elements surrounding the topic of privacy, particularly in relation to the ever-expanding field of “big data. The content includes a high-level examination of various techniques used to collect users’ data and the associated risks for enterprises and individuals, as well as at the applicable government regulations and laws. The discussion concludes with a presentation of possible risk mitigation recommendations.
Read MoreShadow IT and Organizational Risks
Nicholas Montgomery discusses the rising prevalence of and risks associate with shadow IT - the use of unauthorized devices, software, and services - on organizations. After examining these risks, the author goes on to identify recommendations to help prevent shadow IT and allow organizations to enable business units to be able to make smarter purchases.
Read MoreOrganizational Risk of Bring Your Own Devices (BYOD)
Evan Cottingham discusses the rapidly evolving, business-critical issue of “Bring Your Own Device” (BYOD) programs, and the considerations and risks applicable across organizations in all sectors. While the benefits of BYOD programs are clear, the associated risks are clearly documented as well, and must be taken into consideration by any organization considering implementing or with an existing BYOD program.
Read MoreThe Harmonious Blend of Policy and Technology: The Need for an IoT Compliance Framework
Andy Herman discusses the rising concerns associated with the Internet of Things, and the lack of a comprehensive cybersecurity compliance framework. The rising number of internet-connected devices has created increasing number of cybersecurity risks, as network of devices are hijacked for malicious purposes.
Read MoreMandatory Cybersecurity Risk Management Framework in Healthcare Sector
Andy Herman discusses the gap in the current healthcare cybersecurity approach – that there is no mandatory risk management framework for healthcare organizations. The author suggests introducing a mandatory implementation of a full cybersecurity framework with monitoring systems before receiving the incentives guaranteed by the meaningful use clause associated with electronic health records.
Read MoreNew Age of Cybersecurity: Rethink Cybersecurity Strategies and Implementation
Cory Shyu discusses how the Internet of Things (IoT) has transformed the technology sector profoundly. While companies are rushing to reap benefits from increased productivity and automation by adopting more agile technology solutions, privacy and security issues have risen at an alarming rate. The author addresses the key areas in which companies should rethink cybersecurity strategies and develop appropriate roadmaps to achieve security objectives.
Read MoreCybersecurity in the U.S. Private Security
Mark Tchao discusses how incentivizing companies to invest in top cybersecurity measures in the profit-driven market continues to be a challenge. Government compliance can be illusory, but without decisive changes in the landscape of matters, things may only get worse.
Read MoreNot So Smart: Smart Grid and Cybersecurity Challenges of the Department of Energy
Brooke R. Brisbois explores the challenges faced by the Department of Energy with regard to smart grid technology and cybersecurity. In particular, discusses policy issues surrounding these problems.
Read MoreImpact of Data Breaches
Divya Yadav talks about the business impact of data breaches and what can organizations do to safeguard themselves from this pervasive problem.
Read More