What You Need to Know about New Yorks Proposed New Cybersecurity Regulation
New Yorks Department of Financial Services has proposed a new cybersecurity regulation for financial service organizations that do business in New York. The impetus of the regulation is a direct result of the proliferation of cybersecurity breaches and the potential for significant financial loss and misappropriation of consumer data.Read more
Data in GRC projects Why Not?
Many GRC projects focus on the automation of manual data input tasks, rather than leveraging data thats already out there in systems inside or outside the firewall. It is interesting to see the big difference between whats technically possible, and whats being realized in actual projects.Read more
Gartner Security and Risk Management Conference, June 2016
Last week BWise attended the Gartner Security and Risk Management Summit with 3,000 of Information Security attendees from around the globe. The 4 day event opened with a keynote session by Felix Gaehtgens, Peter Firstbrook, and Jeffrey Wheatman from Gartner, highlighting a bold vision for todays digital business environment, in contrast to the previous years primary focus on protection and prevention.
Nasdaq Sweeps the OpRisk Awards, Solidifies Leadership in GRC Technology
Nasdaq had quite a night in London this week. Attending the Operational Risk Awards were representatives from both the BWise and SMARTS team. The company was honored to win four major awards that evening: BWise for Best GRC Product and Best Operational Risk Product, SMARTS for Best Financial Crime Product and Nasdaq for Best Overall Provider of the Year.
Sourcing Risk Information for a Value-Added Audit
Author: Ladd Muzzy, Principal at Nasdaq BWise
Audit continues its need to mature. Changes in professional standards, technological innovation, evolving compliance and regulatory requirements, and an increasing competitive environment are forcing the discipline to be more nimble. The audit department continues to divest itself from being seen as having a policing role to one of adding value. As organizations grow and become more sophisticated, the amount of risk and control data increases, adding new risks and morphing existing risks into varying exposures. Audit must respond, not only in its fiduciary role of providing an independent view of the risk and control environment but in understanding how the organization is responding to the changing risk environment.Read more