tiero - Fotolia
This year proved, again, that governance, risk and compliance remains a top priority for companies. But identifying these areas as a top concern and effectively addressing them are entirely different beasts. Between emerging governance concerns, the enactment of regulatory legislation, growing data challenges, mobile security issues and renewed encryption debates, GRC professionals have had their hands full in 2015.
Throughout the year, SearchCompliance has strived to deliver pertinent strategic advice, news coverage and best practices to help GRC professionals navigate the current and future digital landscape. Here, we've rounded up our top 10 2015 compliance stories, covering everything from the data currency movement, Regulation SCI challenges, mobile device management (MDM) best practices and the end-to-end encryption debate. Look back on our top stories from the year for expert guidance to help craft your GRC strategy in 2016 and beyond.
Risk management trends complicate information governance
GRC professionals today are struggling to adapt information governance to current threats and risk management needs. In this Q&A, data management expert Jeffrey Ritter explains the relationship between risk management and information governance, and how the two fields could prove mutually beneficial with the right strategy in place.
Five steps for thriving in the data currency era
Thanks to today's increasing transactions and devices, data is everywhere and becoming a valuable commodity. That explains why companies looking to take advantage and boost their bottom line are now starting to use data as a form of currency. Is your company getting the most it can out of big data? In this tip, Ritter presents five steps for how companies can take advantage of the data currency movement and create maximum value from their digital assets.
Slideshow: Today's biggest regulatory compliance challenges
From the Health Insurance Portability and Accountability Act and the Foreign Corrupt Practices Act to PCI-DSS and Regulation SCI, today's laws and regulations continue to create significant compliance challenges for companies in every sector. This photo slideshow runs through the most impactful regulatory and legal hurdles, and gives expert advice on how to overcome them.
Timeline: The path to the SEC's Regulation SCI adoption
Compliance with Regulation SCI -- a set of rules meant to improve the technological infrastructure that supports U.S. securities market operations -- is a challenge with which GRC professionals are all too familiar. In this visual timeline, learn about the inciting incidents, speed bumps and milestones that led to the adoption of the landmark regulation.
Governing risk and security with an MDM policy
Mobile device management (MDM) has been around for decades. The introduction of smartphones and advanced mobile devices, however, has given the term entirely new weight and meaning. Today, MDM is crucial to a company's IT and business strategy. In this tip, enterprise mobility expert Bryan Barringer discusses MDM's progression, and how an MDM policy can improve security and risk management.
Mobile compliance and security best practices
In order to make data and applications more accessible, companies are "going mobile." But with that increased accessibility and flexibility also comes greater security and compliance challenges. In this tip, GRC expert Jeff Jenkins explains why continuous monitoring, third-party vetting and other best practices are crucial to a company's mobile compliance and security.
Mobile application security still underdeveloped
Companies -- and consumers -- may be upping their security vigilance in the presence of constant data threats, but that doesn't mean they are focusing their attention on the right areas. According to security expert Vincent Sritapan, mobile application security is often overlooked, which can spell trouble for your organization. In this video, Sritapan pinpoints application security vulnerabilities and gives advice on how to overcome them.
Improve risk management with help from analytics
As data breaches remain a common occurrence, securing company data has topped GRC professionals' priorities list of late. Fortunately for them, their security problems can be solved with help from analytics, according to SearchCompliance expert David Loshin. He explains why and how companies are using data analytics and reporting to find vulnerabilities, as well as improve cybersecurity risk management.
Does end-to-end encryption threaten public safety?
What role does end-to-end encryption technology play in the war on terror? According to intelligence officers, encryption can put public safety at risk by allowing terrorists and criminals to "go dark." Technology companies, on the other hand, said strong encryption is a necessary measure to protect important data. In this feature, site editor Fran Sales outlines the arguments and the logistics of encryption strategies.
Evolving digital information requires fresh take on governance
If technology and digital information doesn't stay the same, why should governance strategies? It's no longer good enough to resort to time-worn methods such as the records retention schedule in order to safely and effectively manage digital information. In this tip, Ritter explains how modern companies should re-examine data governance and classification, and how they can construct a new strategic design.
Best practices for overcoming security issues and data challenges
"Regulatory fatigue" in 2015: Compliance survey
GRC events for IT leaders, 2016 edition