Rebecca Kappel

Centraleyes

In a world full of uncertainties, how do you keep your business risks in check?  Today, we’re exploring risk register templates and how they can supercharge your risk management strategy. What is a Risk Register? First things first, let’s define what a risk register is. A risk register is a ... Read More

On May 8, 2024, the Colorado House of Representatives passed SB 205, a landmark law regulating artificial intelligence (AI). This bill, which had already cleared the state Senate on May 3, positions Colorado as the first state in the nation to introduce comprehensive AI legislation. With Governor Jared Polis’s decision ... Read More

The NIST Cybersecurity Framework (CSF) has long served as a cybersecurity cornerstone, offering a structured approach to managing and improving cybersecurity risk. With the release of NIST CSF 2.0, organizations are poised to benefit from updated guidelines that reflect the latest cybersecurity practices and challenges. Understanding NIST CSF 2.0 The ... Read More

A data breach at National Public Data, a relatively obscure but widely connected company, has exposed 272 million Social Security numbers. This breach, reminiscent of the 2017 Equifax breach but on an even larger scale, has sent shockwaves through the security sector. Hackers infiltrated National Public Data’s systems, accessing a ... Read More

In the world of governance, risk, and compliance (GRC), there’s no shortage of incidents that illustrate what can happen when companies fall short of their compliance responsibilities.  In this blog, we’ll present the “best of the worst” compliance failures—a collection of incidents and stories that serve as stark reminders of ... Read More

The digital age has revolutionized the financial sector, making it more efficient and interconnected. However, this transformation has also introduced new risks, particularly from third-party ICT (Information and Communication Technology) providers. Recognizing the critical role these providers play in the financial ecosystem, the European Union has introduced the Digital Operational ... Read More

Data breaches and privacy concerns are all too common today. That’s why the Australian Health Records and Information Privacy Act 2002 (HRIPA) is highly relevant. This legislation ensures that your privacy is rigorously protected when you share your medical history or undergo a procedure. HRIPA mandates strict protocols for healthcare ... Read More

The DOJ rolled out its Corporate Whistleblower Awards Pilot Program this month. The initiative incentivizes whistleblowers who provide original, non-public information about corporate misconduct. If their tip leads to a DOJ enforcement action with a monetary forfeiture over $1 million, they could earn a slice of that pie—up to 30% ... Read More

Cyber risk scores measure the potential impact and likelihood of cyber threats. These scores help organizations prioritize their security efforts, allocate resources efficiently, and communicate risks to stakeholders clearly. It’s important to note that while risk scoring is an integral part of risk management, it is not the same as ... Read More

Setting: Two friends, Delta Air and Crowd Strike, sit at a corner table, sipping their drinks and exchanging sharp glances. Delta: (sighing heavily) CrowdStrike, you’ve really put me in a bind with that faulty update. Do you know how many flights I had to cancel? Over 6,000! My passengers were ... Read More