The SEC recently announced proposed cyber rules affecting registered investment advisers and funds, the first guidance since 2018. The proposed rule, “Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure” helps by becoming more prescriptive in the newly proposed rules. The SEC is addressing observed shortcomings in incident reporting practices that range from incidents not being […]
Read MoreGiven the vast amount of data the United States maintains, the federal government has a unique responsibility to secure its own IT infrastructure to minimize the potential harm from a cyber intrusion. With persistent and inventive threats from bad actors in mind, the Biden Administration announced it is moving toward a Federal Zero Trust Architecture […]
In Q4 2021, the Department of Health and Human Services (HHS) published a briefing that detailed the concept of Zero Day attacks and their recent impact on the Healthcare and Public Health sector (HPH). As one of the 16 critical infrastructure sectors designated by Presidential Policy Directive 21, implementing advanced detection and protection tactics to […]
Most sophisticated cybersecurity organizations have embraced technical controls as a management mechanism. Some organizations have even begun mandating their adoption. Forced technical controls, if integrated appropriately into the culture, can dramatically increase cyber defense capabilities as well as combat employees’ inherent resistance to change. While proactively initiating change may seem counterintuitive to creating a strong […]
This October, the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) published the first of a four-part series of position papers called “Security Guidance for 5G Cloud Infrastructure.” The first part, “Prevent and Detect Lateral Movement,” outlines five actions to prevent threats while building and hardening 5G cloud infrastructure. Although this position paper is specifically […]
For the first time in nearly two decades, it is a job seeker’s market, and organizations are scrambling to reassess compensation packages and working arrangements to accommodate shifting employee priorities, win in the battle for talent, and avoid the “Great Resignation.” Fewer companies, however, have focused efforts on the longer-term strategies that are critical to […]
Zero Trust as a concept has become almost fashionable, if not perceived to be routine, with the consequence of setting an unrealistic expectation that it is a table-stakes capability for any organization serious about cybersecurity. In part this is driven by the natural erosion of the security perimeter as more users work from anywhere and […]
Over a year after the murder of George Floyd and the rapid rise of the Black Lives Matter movement, we reflect on how large corporations have – or have not – adapted to changing expectations. Within the bounds of the legal system, George Floyd’s murder was acknowledged with his murderer’s conviction and the erection of […]
Companies of all sizes are facing the reality of increased employee turnover, requiring departments to do more work with less help. In our latest one-pager from DayBlink’s Finance Transformation group, read about what steps Finance can take to effectively manage these challenging times. About the Authors Phillip Carrington is a Consultant within DayBlink’s Financial Transformation Center of […]
There are countless factors at play in the ongoing race for talent. An emerging differentiator for employees is Environmental, Social, and Governance (ESG) scores. More than ever, employees want to associate with companies that meet their needs, while also making a positive impact on society. About the Authors Chloe Spetalnick is a Consultant within DayBlink’s Organization […]