Blog

Presenters from the event, left to right: Dan Carayiannis, Kirk Hogan and Ashley Lukeeram

RSA, Bell and Iceberg demo SA&A solution for government IT professionals

    Thanks to all of the participants who attended the SA&A demo last week organized by RSA, Bell Canada and Iceberg. Iceberg’s Kirk Hogan presented a demo of a proof-of-concept Security Assessment and Authorization (SA&A) for a key Canadian federal department that allows them to run automated risk and compliance assessments on all programs at the infrastructure […]

Read More

LINKED: RSA introduces new Archer GRC maturity models

Last month, Steve Schlarman blogged about RSA’s new Archer maturity models. He wrote: “Our vision is to help organizations transform compliance, manage risk and exploit opportunity with Risk Intelligence made possible via an integrated, coordinated GRC program.” RSA has also published a series of white papers breaking down each phase that are well worth reading.  They’re available to […]

Read More

New York State Department of Financial Services

LINKED: Report from New York financial regulator notes 3rd party risk

A report from the New York State Department of Financial Services identifies what it calls “significant potential cyber security vulnerabilities with banks’ third-party vendors.” Some highlights: Nearly 1 in 3 (approximately 30 percent) of the banks surveyed do not require their third-party vendors to notify them in the event of an information security breach or other cyber security […]

Read More

Survey participants were asked to rank their organization’s approach on the scales. A sample of responses is shown above.

Evolving conversations around cyber risk at Canadian financial institutions

Risk frameworks, business architecture, dashboards and reporting, threat risk assessments, cyber security governance, risk intelligence… these were all top of mind in the conversations we had with guests at a Canadian Bankers Association cybersecurity conference in Toronto at the end of March. What we heard truly validated our belief that providing trusted, aggregated and transparent […]

Read More

Cyber risk questionnaire

Notes from Canadian banking CISO panel on cyber risk

  “Breaking down complex data to simple risk statements.” “Lack of integration between systems.” “Lack of everyone having a wide perspective.” “Understanding the language.” “Line of sight to business context.”   Those are some of the answers we received from IT risk professionals in the Canadian banking sector at a conference last week when we asked […]

Read More

Celebrating Nowruz

Celebrating Nowruz, the festival of spring

At lunch today in the board room we celebrated Nowruz thanks to our colleague Mahnaz. “Nowruz (“new day”) is the traditional Iranian festival of spring, which starts at the exact moment of the vernal equinox, commencing the start of spring. It is considered the start of the New Year among Iranians. Nowruz is celebrated March […]

Read More

Canadian MPs, senators hear from experts about cyber risk

Cyber threats are everywhere, but who’s the most at risk? That’s the question that kicked off a panel discussion that Iceberg attended in Ottawa last night. “Cybersecurity: What Parliamentarians Need to Know and Do” was presented by the Carleton Initiative for Parliamentary and Diplomatic Engagement, with panelists including: Fen Hampson, Co-Director, Global Commission on Internet Governance […]

Read More

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Sign-up to our Risk Intelligence Newsletter for updates on new content, resources and events from the Iceberg team.

We promise to respect your time and inbox!

Thank you! Please check your email to confirm your subscription.