April 1, 2015
Cybersecurity: A Practical Guide for D&Os
This new white paper from Foley provides a practical, easy-to-follow blueprint for directors and officers to tackle cybersecurity. Notably, the paper includes individual “bite-sized” checklists of important considerations covering each of the key elements of a compliance & risk management program. Here are the 10 key elements – each of which is capably addressed with a targeted checklist:
10 Key Elements of a Cybersecurity Risk Management Program
– Incident Management
– User Education and Awareness
– Managing User Privileges
– Home and Mobile Working
– Removable Media Controls
– Malware Protection
– Monitoring
– Secure Configuration
– Network Security
– Cybersecurity Insurance
The paper also includes an information security “policy library” that identifies the most critical policies (e.g., access control, BYOD (bring your own device)) companies should consider as part of their compliance program, and an appendix defining key security concepts.
Effective Use of Internal Audit in Cybersecurity
This new Compliance Week article discusses ways in which companies can tap their internal audit staff to assist with their cybersecurity program, including:
- Cybersecurity risk assessment
- Identification and inventory of the company’s most important data
- Vulnerability testing (to some extent – subject to avoiding independence impairment)
- Identification of potential consequences of vulnerabilities
- Validation of company’s response plan
- Monitoring and periodic testing of program effectiveness
While internal audit functions vary widely, if the company isn’t utilizing internal audit in its cybersecurity assessment and compliance efforts, it’s likely under-utilizing a key resource.
Access heaps of helpful resources in our “Cybersecurity” and “Internal Audit” Practice Areas.
Our April Eminders is Posted!
We have posted the April issue of our complimentary monthly email newsletter. Sign up today to receive it by simply inputting your email address!
– by Randi Val Morrison