Tag Archives: grc

Is It Really All About Culture?

Is It Really All About Culture?

For the last several years, practitioners and consultants have been talking about culture as it relates to risk, compliance and ethics.  Two new pieces reinforce my view that culture is not just about risk, compliance, and ethics. There are many, many dimensions and sometimes they may actually conflict.

Continue reading...

EFail Vulnerability Underscores Need For Email Encryption

EFail Vulnerability Underscores Need For Email Encryption

Over the past week, European digital security researchers published a paper  which uncovered a new vulnerability in a widely used form of email encryption. The vulnerability lets hackers insert malicious codes into intercepted emails, giving them access to the entire inbox of a given target.

Continue reading...