Share these talks and lectures with your colleagues
Invite colleaguesPractice paper
The post-breach threat landscape and the need for an ‘effective’ compliance programme
Cyber Security: A Peer-Reviewed Journal,
7
(2),
145-153
(2023)
Abstract
In today’s rapidly evolving cyber security landscape, organisations face a multitude of threats beyond traditional hackers and state actors. The aftermath of a data breach involves not only the immediate response and recovery efforts on the part of the breached organisation but also a complex web of regulatory and legal consequences. This paper delves into the often-overlooked challenges posed by regulatory enforcement and the potential collateral damage that organisations may face following a breach. By understanding these aspects, organisations can develop effective compliance programmes that mitigate risks and protect against legal repercussions.
Keywords: data breach; GRC; governance; risk and compliance; enforcement; cyber risk
The full article is available to subscribers to the journal.
Author's Biography
Brian Mitchell Warshawsky , JD CCEP is the Director of Research, Ethics and Compliance for the University of California, Berkeley, and has presented at RSA Conference San Francisco, as well as at the Council on Government Relations (COGR), the National Council of University Research Administrators (NCURA), the National Association of College and University Attorneys (NACUA), Society of Research Administrators (SRA) and the Government-University-Industry Research Roundtable within the National Academies’ division on Policy and Global Affairs (GUIRR). Brian also served on the Association of American Universities (AAU) /COGR) taskforces and serves as a member of the board of the Bay Area Ethics and Compliance Association (BECA). He holds both a BA and JD from Michigan State University and is a Certified Compliance and Ethics Professional. Prior to the University of California, Brian served as the Senior Contracting Officer at Northwestern University.
