In July of 2023, the U.S. Securities and Exchange Commission, commonly known as the SEC, adopted new rules necessitating the disclosure of material cybersecurity incidents and related risk management, strategy, and governance. One of the most notable requirements of the new regulations is that companies must report a cybersecurity incident within four business days after…
Read More
As we approach this 2022 holiday season, retailers will be faced with myriad pressures, some a continuation of market conditions from years past, others a bit more unexpected. Supply chain challenges remain, but instead of empty shelves, there’s a twist — driven by changing consumer preferences and buying behaviors. Red-hot categories like apparel and home…
Read More
Context On May 4, 2022, Connecticut became the fifth U.S. state to pass a set of data privacy rules and regulations aimed at protecting the privacy of its constituents. The bill, S.B. No. 6: Act Concerning Personal Data Privacy and Online Monitoring, joins similar legislative pieces passed in California, Virginia, Colorado and Utah. This rising trend…
Read More
The last few years have seen a dramatic rise in high-profile ransomware cases, leading CISOs to bump ransomware planning to the top of their list of initiatives. However, just as companies have adapted to guard against this threat, ransomware gangs have adapted in turn, employing additional layers of extortion focused on exposing customer data. A…
Read More
Any company operating a modern information technology environment can fall victim to system-encrypting ransomware. But not every company has fallen victim. Do companies that experience an operations-impacting ransomware event have poor cybersecurity hygiene? Or is the quality of cybersecurity hygiene not a factor in the frequency of ransomware events? To answer these questions, RiskRecon analyzed…
Read More
