2022 has brought new approaches to security training and increased government involvement in combating cyber threats.
The Biden-Harris administration introduced the Office of Cyberspace and Digital Policy, among other initiatives. On the other side of the pond, the UK has introduced laws aimed at weeding out state-related misinformation. These government activities took place against the backdrop of the Great Resignation, which caused companies to deal with potential threats posed by departing employees.
Here are ITPro Today’s top 10 articles on compliance and risk management in 2022.
1. Former Uber security chief convicted of data concealment
Former Uber Technologies security chief Joe Sullivan has been found guilty of concealing a large data breach from 2016. The lawsuit uncovers a series of other scandals that have taken place at Uber.
2. State Department Announces Office of Cyberspace and Digital Policy
The US State Department launched the Office of Cyberspace and Digital Policy in April. The initiative highlighted the growing importance of cybersecurity in national politics, economy and defence.
Further reading: Wall Street banks quietly test cyber defenses under Treasury guidance
3. Why Vendors Are Revamping Cybersecurity Awareness Training
Cybersecurity awareness training is commonplace in today’s workplace, but many employees struggle to retain crucial information. IT managers opted for a new approach.
Further reading: Information Security Basics Every IT Professional Should Know
4. Major US websites are breaking EU data privacy law
Research from regulatory compliance technology provider Zendata found that major US websites failed to comply with the EU’s General Data Protection Regulation. Find out how these websites miss the mark and the potential ramifications of non-compliance.
5. UK to force internet companies to curb foreign ‘disinformation’
The UK said in July that its online safety law would require owners of social media apps and search engines to screen content for state-related misinformation.
Further reading: Canada proposes new rules to protect personal information
6. Walmart’s security chief criticizes data breach prevention strategies
When it comes to preventing data breaches, the responsibility often rests with cybersecurity awareness training and the actions of every employee. Walmart’s chief security architect argues that the solution must come from a broader cultural change.
7. White House unveils cybersecurity strategy to keep IoT devices safe
The White House launched numerous cybersecurity initiatives this year, including a labeling system for commonly used IoT devices. The system rates devices based on their resilience to cybersecurity threats.
Further reading: How to get started with IoT device security
8. 4 Types of Insider Threats Every IT Professional Should Know About
While most security measures focus on outside attackers, it is important to recognize that some threats originate from within an organization. This article outlines four common insider threats and explains how businesses can deal with them.
Further reading: Insider Threat Prevention Best Practices in the Age of Remote Work
9. Digital ID technology promises enhanced security
Password still reigns supreme as the primary method of verifying online identities. Info-Tech Research Group analyst Ian Mulholland explains the future of digital ID technology.
Further reading: How Kroger consolidated its IAM tools
ten. Big resignation sparks internal risk management concerns
The big resignation saw a record number of employees leaving their jobs and as a result raised cybersecurity concerns regarding departing employees. Can business leaders and security professionals work together to mitigate insider risk?
Further reading: IT burnout and budget cuts worry tech leaders as 2023 approaches
What are your predictions for compliance and risk management in 2023? Share your predictions in the comments!