article thumbnail

Personal liability: A new trend in cybersecurity compliance?

CIO

Compliance is becoming personal — personal in the sense that cybersecurity compliance regulations increasingly include provisions that make it possible to hold individuals personally liable for oversights that lead to issues like cybersecurity breaches. How steep are personal compliance penalties? NIS 2 and DORA are quite new.

Security 241
article thumbnail

Why PCI compliance matters more than ever in the financial sector

CIO

According to the International Monetary Fund’s 2024 Global Financial Stability Report , one-fifth of all cyberattacks are against the financial sector. Understanding PCI compliance In the finance space, IT vendors must have sophisticated data security and data management practices. Achieving Level 1 PCI DSS 4.0

article thumbnail

Top 10 governance, risk, and compliance certifications

CIO

GRC certifications validate the skills, knowledge, and abilities IT professionals have to manage governance, risk, and compliance (GRC) in the enterprise. With companies increasingly operating on a global scale, it can require entire teams to stay on top of all the regulations and compliance standards arising today.

article thumbnail

PCI compliance: The best defense is a great defense

CIO

Not surprisingly, Payment Card Industry Data Security Standard (PCI DSS) compliance is crucially important. Compliance with PCI DSS v4.0 is designed to help to defend against the three most common attack vectors identified in Verizon’s annual Data Breach Investigations Report (DBIR). Updating the PCI DSS is likewise critical.

article thumbnail

Monetization Monitor: Software Usage Analytics 2020

Usage Data’s Role in Compliance Efforts. Download the report now and see how your company compares. Discovering overuse of software (intentional or unintentional) can reduce revenue leakage, yet nearly half of suppliers are unaware of how much revenue they’re losing to piracy and overuse.

article thumbnail

Download our environmental, social, and governance (ESG) reporting software enterprise buyer’s guide

CIO

From the editors of CIO, this enterprise buyer’s guide helps the IT and business organizations staff understand the requirements for environmental, social, and governance (ESG) compliance and how to choose the right reporting solution.

article thumbnail

Reporting cybersecurity posture and systemic risk to the board

CIO

A 2024 PwC report found that 49% of directors see cybersecurity as a significant oversight challenge ( “Overseeing cyber risk: the board’s role,” PwC, January 2024). Correlating all of these activities into a single, easy-to-read, and easy-to-understand report for board members is complicated. This must change, and quickly.

Security 330
article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

This IDC report addresses several key topics: Risks involved with using open-source software (OSS) How to manage these risks, including OSS license compliance Business benefits to the organization beyond risk mitigation Software supply chain best practices Key trends in industry and government regulation