Wendy's Recahes Settlement from 2015 + 2016 Data Breach

U.S. fast food restaurant chain Wendy’s announced recently that it has reached a settlement with the thousands of financial institutions impacted by the data breach suffered by the company in 2015 and 2016. The case clearly demonstrates how cybersecurity and information protection go far beyond compliance with regulations and standards.

Wendy's, like any other organization that processes payment cards, came under the purview of the Payment Card Industry Data Security Standard (PCI DSS) and would have been required to undertake several measures for data protection. And yet, it suffered a data breach of this magnitude. Clearly, an information asset-centric cybersecurity strategy is the way forward for organizations rather than solely a compliance-centric one.

Read More

Stop Phishing Attacks with ERMProtect's Security Awareness Training

Turn your employees into a human firewall with our innovative Security Awareness Training.

Our e-learning modules take the boring out of security training.

ERMProtect's Weekly Newsletter

Get a curated briefing of the week's biggest cyber news every Friday.

Intelligence and Insights

New HIPAA Security Rule

New HIPAA Security Rule Tightens Cybersecurity for Healthcare Organizations

If published, the HIPAA Security Rule changes could pose significant operational and budget challenges for CISOs in the health sector …
FFIEC CAT to the CRI Cyber Profile 2.0

Why Some Financial Institutions Are Transitioning from FFIEC CAT to the CRI Cyber Profile 2.0

While the FFIEC does not endorse any specific tool, many financial institutions have started adopting the Cyber Risk Institute’s (CRI) Cyber Profile 2.0 …
GLBA Risk Assessments

GLBA Risk Assessments: A Key 1st Step in GLBA Compliance

The GLBA risk assessment is an organization’s starting point for GLBA compliance. We break it all down in this GLBA risk assessment overview …