Privacy regulations such as the EU’s General Data Protection Regulation (GDPR) and, more recently, Dubai’s Data Processing Law (DPL 2020) make it mandatory for organizations to appoint a Data Protection Officer (DPO). Under GDPR, a DPO is required for any organization that consistently monitors EU-based data subjects on a large scale. This might exclude smaller…
Editors Note: This article was written by Advisory Board Member, Jody Westby, for LeadersEdge, the content platform of The Council of Insurance Agents & Brokers.
As most organizations and governments closed their offices and ordered employees to work from home in response to the coronavirus, cyber criminals and nation states began taking advantage of workers who were suddenly easy targets.
This is not just an IT/information security problem; it is also a governance problem. Boards of directors and executives not only have to steer their companies through the unprecedented challenges associated with the coronavirus; they also have to review their governance of information security, business continuity plans, and risk transfer strategies to ensure that IT systems are secured and fraud and corruption are controlled. This is no time to dawdle; the threat environment has changed, and cyber attacks and fraudulent schemes are already impacting organizations around the globe.