Most compliance officers play little role in cyber security
Posted on 21 May 2014.
Seventy-five percent of compliance officers are not involved in managing cyber security risk according to a report from Kroll and Compliance Week.

In a survey of senior-level compliance professionals, nearly 44 percent of respondents also said the chief compliance officer (CCO) is only responsible for privacy compliance and breach disclosure after an incident, but has no role in addressing cyber security risks before one.

These statistics draw attention to a gap in responsibilities as cyber security lapses can often involve hefty penalties or sanctions, civil litigation and compliance issues. As the CCO role evolves, the need for influence in managing cyber security risk will increase.

Alan Brill, senior managing director for Kroll, says compliance officers should have a strong enough grasp of cyber security to know when they should be involved in a problem—and, he stresses, other parts of the corporate enterprise need to recognize that compliance has a role to play from the beginning.

“Every compliance officer needs to decide whether it’s time for them to be Captain Kirk and boldly go into cyber,” says Brill, “and to do it by forging a partnership with the IT director, with the general counsel, with the internal auditor—so that the cyber elements of compliance are just the everyday part of your work.”

More findings:
  • More than 50 percent of compliance professionals anticipate the bribery and corruption risks to their company will increase this year
  • 58 percent never train third parties
  • Only 43 percent monitor compliance after a third-party relationship begins
  • Only 48 percent automate their anti-corruption program in some way.


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Feb 4th