Peer-Driven Insights

Regulatory Compliance

Active Ambassadors in This Topic

JM Financial Services Ltd

Travel and Hospitality, 1k - 5k

Community Posts

Multiple environments34%

Segregation of duty41%

Authentication63%

QA testing52%

Key management30%

Security protocols32%

Encryption19%

Other (share details in comments)2%

View Results

Ransomware and multifaceted extortion32%

Business email compromise41%

Third-party vendor compromise (supply chain)16%

Cloud security incidents7%

I have no idea1%

View Results

Yes, absolutely13%

Yes, for the most part68%

No, some recent changes are concerning9%

Absolutely not – most recent changes are concerning3%

Unsure/can’t say6%

View Results

Active Ambassadors in This Topic

Rathik Pathak

Community Posts

AI deepfakes have cost the industry over $200M this year. As CISOs, can we scale detection fast enough, or is regulatory pressure the only way to drive adoption?

Among these controls that support continuous compliance in DevOps, which are important to adhere to? Select all that apply.

Does your organisation have a formalised threat hunting programme? If so - what were the key drivers for you in setting one up and what made it successful?If not - what is stopping you from setting this up?

Which pitfalls—model bias, false positives/negatives, data quality, regulatory constraints—often impede AI-based security tools, and how can they be mitigated in a financial-services context?

Which cybersecurity attack is currently your highest priority (to defend against)?

Overall, do you think cyber laws and regulations are currently evolving in the right direction?

What tools have been most helpful to gather evidence for a SOC 2 audit?

Can you share any best practices for managing compliance risks in a hybrid-cloud environment?

What regulatory changes are most impacting your budget planning currently? How have you adapted your cybersecurity budget to meet new compliance requirements, if at all?

What sorts of incident response changes are you implementing to satisfy regulatory requirements for incident reporting? How can organizations ensure their processes support compliance needs and create an audit trail that demonstrates that?

What are the main 10 features requested in a GRC platform?

I have been asked to re-assess our organisations 80% target for compliance training completions. Wanted to see what targets other org's have set?

How are you keeping teams updated/trained on the latest requirements for compliance in cyber security, given all the regulatory changes?

Given the increasing complexity of regulatory requirements in the banking industry, how can an industry professional balance the need for system stability with the drive for innovation in architecture?

What methods or techniques have you found effective for streamlining or otherwise optimizing compliance efforts for multiple privacy regulations?

Community Posts

AI deepfakes have cost the industry over $200M this year. As CISOs, can we scale detection fast enough, or is regulatory pressure the only way to drive adoption?

Among these controls that support continuous compliance in DevOps, which are important to adhere to? Select all that apply.

Does your organisation have a formalised threat hunting programme? If so - what were the key drivers for you in setting one up and what made it successful?If not - what is stopping you from setting this up?

Which pitfalls—model bias, false positives/negatives, data quality, regulatory constraints—often impede AI-based security tools, and how can they be mitigated in a financial-services context?

Which cybersecurity attack is currently your highest priority (to defend against)?

Overall, do you think cyber laws and regulations are currently evolving in the right direction?

What tools have been most helpful to gather evidence for a SOC 2 audit?

Can you share any best practices for managing compliance risks in a hybrid-cloud environment?

What regulatory changes are most impacting your budget planning currently? How have you adapted your cybersecurity budget to meet new compliance requirements, if at all?

What sorts of incident response changes are you implementing to satisfy regulatory requirements for incident reporting? How can organizations ensure their processes support compliance needs and create an audit trail that demonstrates that?

What are the main 10 features requested in a GRC platform?

I have been asked to re-assess our organisations 80% target for compliance training completions. Wanted to see what targets other org's have set?

How are you keeping teams updated/trained on the latest requirements for compliance in cyber security, given all the regulatory changes?

Given the increasing complexity of regulatory requirements in the banking industry, how can an industry professional balance the need for system stability with the drive for innovation in architecture?

What methods or techniques have you found effective for streamlining or otherwise optimizing compliance efforts for multiple privacy regulations?

Does your organisation have a formalised threat hunting programme? If so - what were the key drivers for you in setting one up and what made it successful?

If not - what is stopping you from setting this up?

Does your organisation have a formalised threat hunting programme? If so - what were the key drivers for you in setting one up and what made it successful?

If not - what is stopping you from setting this up?