Newsletter | Volume 1

Copenhagen Compliance® has since 2005, continuously provided guidance on how organizations can implement a governance and risk-based approach to IT security issues, by making these issues visible, measurable and actionable. At the IT Security Day on 15th March 2016, we will demonstrate the Security Risk Management tools that support both advanced reporting capabilities and interconnectivity to ensure that remediation actions for IT breach, controls, and tests.

Each of the past several years has been considered to be the worst year ever when it comes to IT, data and cyber security breaches. Still dozens of 'other' companies and government agencies are victims of massive network security breaches. But the breach has probably occurred in your IT or data network, you just don't not know abou it.

Updated state-of-the-art IT-security policies
Several of victims are often data-security firms, hosting companies or financial institutions. Therefore, the violations affected customers and consumers on a relatively large scale. The continued and extended the use of mobile devices; social media and cloud security will drive the IT-security concerns in 2016.

The 2015 program will focus on the latest IT security challenges that damage the IT infrastructure social media as a tool in cyber warfare. Most companies will focus on stricter data discipline, governance, security enforcements with a primary focus on data protection. We recommend a bi-annual assessment of cloud-service providers and their ability to enforce updated state-of-the-art IT security policies.

Protect the Social Side of your Business and Organisation. Employ the components of the Social Media to Remain Competitive

The social media experience is changing the communication structure within and outside the organization. What are the threats to social media's unstructured and unexplored lines of contact? Improper use of the social media can inadvertently lead to Good Governance, Risk Management, and Compliance issues e.g. Insider trading, antitrust violations, defamation, and harassment, etc.
Social media allow companies can also be used for stakeholder engagement, highlighting the need for Social Media governance. Organizations admit that it is hard to monitor and manage the interactive content of the Social Media to drive value and ultimately manage risk.
Social media is now often used to enhance the company's bottom line profitability by leveraging the elements of social media marketing. Take into consideration that by 2015, almost half of the CIOs will use cloud sourcing due to costs issues or to create new revenue streams to outperform competitors

IT focus on creating a comprehensive Social Media strategy on how to:

Capture and govern the social media in the cloud
Determine the boundaries of interaction that contains detailed, negative or neutral position
Extend existing compliance guidance and assessment practices to interactive content
Perform hypothetical search and policy-based monitoring of the combined social statistics -in your entire database
Preserve or recover the interactive content for legal action or proceedings

Using Technology to Simplify, Integrate and create Business Security and Value.

How to use IT to capture and control the enterprise-wide GRC perspectives and compliance events at your business platform
How to manage and monitor the various security risks that drown in data, by implementing new technology e.g. dashboard systems that prioritize risks and develop a global view of compliance activity
How to move more strategically and stay ahead of compliance missteps.
How to mitigate exposure to risk, fraud, and human error by implementing controls-monitoring technology to enforce real-time, contextual, and preventive IT controls within business processes

Managing Information Governance to Avoid Compliance Meltdowns.

How to create a secure, cloud-based IT environment that consolidates management information data into one system. The priorities could be corporate records management and regulatory compliance departments
How to move Information Governance into the next generation of large data structures and the related risks. e.g. e-discovery failures, privacy breaches, and limited data protection
How to manage these risks and compliance obligations into a modern corporate IT environments such as cloud computing
How to find the right cloud model for your business and control the information flow?
What are the implications of the new EU mandates on privacy and data security?

To be continued in the next newsletter. The Cloud is here to stay, integrate Cloud Computing into Your Data Security Program: see: http://www.riskability.org/2016/it-security/index.htm