Blog

5 Years for Creating Vendors and Paying Them

Do you know what applications your employees have access to and what they’re actually doing with that access? NJ Transit is yet another organization that found out the hard way what can happen if you don’t. An NJ Transit supervisor just pleaded guilty to stealing $2.1M by creating vendors and then paying them. These vendors […]

Read more
Material Weaknesses in the Second Quarter

As part of FERF’s and Greenlight Technologies’ ongoing research into ICFR, we have created a program to automatically review all quarterly public filings and highlight those companies that have reported a material weakness. We are aggregating that information into meaningful data to show trends for you to review. Material weaknesses continued a cyclical pattern of […]

Read more
What’s in your wallet? Hopefully $80 million…

It was just about a year ago that we wrote about the Capital One breach. The personal information for approximately 100 million customers was compromised. The company is still dealing with the aftermath as the Office of the Comptroller of the Currency just announced an $80 million fine. They blamed the company for failing to […]

Read more
Use Continuous Monitoring Solutions to Quantify Actual Risk Exposure

Guest Blog by:Vijan Patel, Director, Technology Consulting, Enterprise Application Services, ProtivitiJohn Scaramucci, Associate Director, Technology Consulting, Enterprise Application Services, Protiviti Click here to read the full blog on Protiviti’s web site In today’s growing remote workforce, companies are faced with the challenge of scaling centralized authentication and user provisioning, while at the same time managing […]

Read more
Give $1000. Get $2000. Did the Insider Threat Strike Again?

Did you fall for it? After all, it looked very credible. Seeing a tweet from Elon Musk’s verified account on July 15th claim, “Everyone is asking me to give back, and now is the time. You send $1,000, I send you back $2,000.” This came soon after reports came out about Musk climbing up the […]

Read more
The Pandemic, Privileged Users and the Growing Inside Threat

We know the impact that the pandemic has on businesses will be felt for years to come and we’re still not out of it as numbers climb around the world. Parts are reopening while others are closing again. The key is to figure out ways to mitigate that disruption because it has had a ripple […]

Read more
The €1.9 Billion Vanishing Act

How can you make €1.9 billion disappear from the balance sheet? German payments provider Wirecard found out the hard way that you can’t. The company just filed for insolvency and its CEO was arrested after auditors accused it of committing an “elaborate and sophisticated fraud.” Auditing firm EY stated, “There are clear indications that this […]

Read more
Global Energy Corporation Implements Exception-Based System Access Security Monitoring

by Rohan Bhatia, Senior Manager, Enterprise Application Solutions at Protiviti and Brandon Drake, Manager, Enterprise Application Solutions at Protiviti These days, when remote working is forcing nearly every organization to take a close look at their security practices in efficiently providing the proverbial “to find the needle in the haystack,” a tool like SAP Access […]

Read more
360° Control Automation, Monitoring & Enforcement

Guest Blog by Michael Rasmussen, Research Analyst at GRC 20/20 Research Business today is changing minute-by-minute and second-by-second. Processes and technology and their configurations are changing. Employees and their access into systems are changing as they are hired, change roles, inherit rights, and ultimately leave the organization. Transactions and vendors are changing. The pace of […]

Read more
Managing Insider Threats

by Jasmine Chennikara-Varghese, Greenlight Technologies Employees are perhaps one of the most challenging security risks to the modern business landscape. Insider threat comes from those authenticated and authorized users performing potentially damaging activities from within your trusted landscape. While keeping the bad guys out is critical, the insider threats are harder to discern and happen […]

Read more