Funding

now browsing by tag

 
 

DOJ Emphasizes Adequate Funding in Updated Compliance Guidance | Health Care Compliance Association (HCCA) | #employeefraud | #recruitment | #corporatesecurity | #businesssecurity | #

Source: National Cyber Security – Produced By Gregory Evans

Report on Medicare Compliance 29, no. 21 (June 8, 2020)

Whether an organization shows its commitment to compliance with dollars is a new focus of the second update to guidance on evaluating compliance programs from the Department of Justice (DOJ). In its updated Evaluation of Corporate Compliance Programs,[1] released June 1, DOJ indicates that adequate funding of the program and its people helps distinguish between a paper and an active program.

The guidance is used by white-collar prosecutors who evaluate compliance programs when deciding whether to file fraud charges and what the charges should be. Compliance officers also use the guidance to benchmark their organization’s compliance program. DOJ published the first version in 2017 and revised it in April 2019. The Evaluation of Corporate Compliance Programs modifies the Principles of Federal Prosecution of Business Organizations in the Justice Manual.[2]

There are detailed questions about compliance programs in the guidance, which is organized around three “fundamental questions” that prosecutors try to answer when evaluating effectiveness. The 2020 version modified the second question to refocus on resources:

  1. “Is the corporation’s compliance program well designed?“

  2. “Is the program being applied earnestly and in good faith?” In other words, is the program adequately resourced and empowered to function effectively?

  3. “Does the corporation’s compliance program work” in practice?

In elaborating on resources, DOJ explained that “prosecutors are instructed to probe specifically whether a compliance program is a ‘paper program’ or one ‘implemented, reviewed, and revised, as appropriate, in an effective manner.’ [Justice Manual § 9-28.800]. In addition, prosecutors should determine ‘whether the corporation has provided for a staff sufficient to audit, document, analyze, and utilize the results of the corporation’s compliance efforts.’ [Justice Manual § 9-28.800].”

The emphasis on funding doesn’t come as a shock. “You would have to have adequate resources before you get to adequate or better effectiveness,” said attorney Gabriel Imperato, with Nelson Mullins Broad and Cassel in Fort Lauderdale, Florida.

Prosecutors have always factored in the funding of compliance programs, although it’s significant to see this in writing, said Kirk Ogrosky, former deputy chief of DOJ’s fraud section. “You can have compliance officers who are making a fraction of what other senior executives are making,” he said.

The guidance also encourages organizations to advance compliance at all times, even during an investigation, said former federal prosecutor Robert Trusiak, an attorney in Buffalo, New York. As DOJ states, “In answering each of these three ‘fundamental questions,’ prosecutors may evaluate the company’s performance on various topics that the Criminal Division has frequently found relevant in evaluating a corporate compliance program both at the time of the offense and at the time of the charging decision and resolution.” DOJ reinforces this point when it talks about the risk assessment. “Prosecutors should endeavor to understand why the company has chosen to set up the compliance program the way that it has, and why and how the company’s compliance program has evolved over time.”

In other words, Trusiak said, “effective compliance is not set it and forget it. Compliance is an iterative process.”

DOJ Revises Other Questions

DOJ’s revisions ripple through the rest of the document, which is loaded with specific questions about commitment by senior and middle management, risk assessments, due diligence, communication with employees, oversight of third parties and other hot topics.

For example, the 2019 guidance asked whether the organization’s risk assessment was “current and subject to periodic review? Have there been any updates to policies and procedures in light of lessons learned? Do these updates account for risks discovered through misconduct or other problems with the compliance program?”

The 2020 guidance drills down. “Is the periodic review limited to a ‘snapshot’ in time or based upon continuous access to operational data and information across functions? Has the periodic review led to updates in policies, procedures, and controls?”

There are also more questions about how organizations ensure that policies get in the hands of employees and vendors. For example, “have the policies and procedures been published in a searchable format for easy reference? Does the company track access to various policies and procedures to understand what policies are attracting more attention from relevant employees?” The stakes also are raised on employee awareness of the hotline. “Does the company take measures to test whether employees are aware of the hotline and feel comfortable using it?”

Imperato noted that DOJ “dwells a fair amount on third-party due diligence” and whether it continues after the deal is done. For example, DOJ asks, “What has been the company’s process for tracking and remediating misconduct or misconduct risks identified during the due diligence process? What has been the company’s process for implementing compliance policies and procedures, and conducting post acquisition audits, at newly acquired entities?”

Questions on learning from mistakes were also tweaked. “Does the company review and adapt its compliance program based upon lessons learned from its own misconduct and/or that of other companies facing similar risks?” There are other changes to questions, including, for example, about training and “monitoring investigations and resulting discipline.”

Imperato said he will attach the updated guidance to his board training, along with other documents. “This automatically becomes the benchmark…for setting up a compliance program and determining its effectiveness.”

Ogrosky noted, however, that even well-funded, effective compliance programs may fail to detect bad actors. “Fraud is a non-self-revealing offense,” he said. “The people who commit fraud at large corporations are doing it to avoid the compliance folks.” He’s referring to flat-out fraud, not a debate about whether an arrangement fits within a safe harbor, for example.

Whether fraudsters inside corporations are unmasked depends more on whether executives ask the right questions vs. looking the other way, Ogrosky said. For example, if a salesperson outperforms his or her peers 50 times over, managers should dig into it. “If a contractor is able to do what no one has been able to do, ask why, because the fraud is not self-revealing.” DOJ will expect the corporation to accept some responsibility for bad actors, even when they have good compliance programs, he said.

1 U.S. Dep’t of Justice, Criminal Div., Evaluation of Corporate Compliance Programs (Updated June 2020), http://bit.ly/2Z2Dp8R.
2 U.S. Dep’t of Justice, Justice Manual, Principles of Federal Prosecution of Business Organizations, § 9-28.000 (2020), http://bit.ly/2GtxXFt.

[View source.]

Source link

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

The post DOJ Emphasizes Adequate Funding in Updated Compliance Guidance | Health Care Compliance Association (HCCA) | #employeefraud | #recruitment | #corporatesecurity | #businesssecurity | # appeared first on National Cyber Security.

View full post on National Cyber Security

#nationalcybersecuritymonth | Interos Completes Series B Funding to Drive Data Science

Source: National Cyber Security – Produced By Gregory Evans

Markus Spiske from Pexels

Interos announced it has raised $17.5 million in a Series B funding round to accelerate data science and engineering growth, expand personnel and boost sales to drive commercial momentum for its leading risk management platform.

The funding comes after Interos tripled its headcount, increased annual recurring revenue by 700% and hiked SaaS subscription bookings by 693% in 2019. With the funding, Interos expects to capitalize on last year’s growth and more than double its personnel in 2020, hiring more staff to augment its proprietary software, which exposes critical risks in the global supply chain for leading private and public sector customers. 

 The round was led by first-time investor Venrock with participation from Kleiner Perkins. 

 “After a strong 2019, this funding shows Interos has already secured major support in 2020 from the world’s most successful investors,” said Jennifer Bisceglie, CEO and founder of Interos. “Like our customers, investors see the value of the Interos platform, which is critical for global businesses in 2020. From events like the coronavirus to political unrest, companies need a platform that exposes risks and identifies how events affect suppliers around the world the moment they happen.” 

“Interos is one of the most compelling big data and AI companies I’ve come across in the last decade,” said Nick Beim, Venrock partner. “Over the last 20 years, global supply chains have grown so rapidly and with so much opacity that most companies don’t know who they’re working with or who they’re dependent on. There’s so much data to gather to fully understand those risks, and Interos helps companies address these urgent, strategic issues with a brand new set of capabilities.”

Interos also recently added Phil Venables, a cybersecurity and risk expert to its board of directors. Venables’ distinguished career includes previously serving as Goldman Sachs’ first chief information security officer and head of technology risk, and as its chief operational risk officer. Prior to his work at Goldman Sachs, Venables was the chief information security officer at Deutsche Bank. Venables serves on the executive committee of the U.S. Financial Services Sector Coordinating Council for Critical Infrastructure Protection, is co-chair of the Board of Sheltered Harbor, and is a member of the boards of the Center for Internet Security and the NYU Tandon School of Engineering. He is also an adviser to the cybersecurity efforts of the U.S. National Research Council and the Institute for Defense Analyses.

Interos has worked with the U.S. Department of Defense, NASA and Department of Energy critical infrastructure. Interos uses machine learning to build and maintain the world’s largest knowledge graph of over 50 million relationships to discover and monitor the entirety of a supplier ecosystem. Each month, Interos ingests over 85,000 information feeds, processing over 250 million risks a month. Interos instantly visualizes the most complex multi-tier relationships, updating and alerting to changes in risk along five factors: financial, operations, governance, geographic and cyber.

 “In today’s interconnected world, Interos is bringing clarity to the muddled, confusing nature of supplier relationships,” said Ted Schlein, partner at Kleiner Perkins. “By automating due diligence, leveraging sophisticated technology and exposing vital risks, Interos shines a light on an otherwise opaque global supply chain.”

Source link

The post #nationalcybersecuritymonth | Interos Completes Series B Funding to Drive Data Science appeared first on National Cyber Security.

View full post on National Cyber Security

#cybersecurity | #hackerspace | Zero Networks Launches Industry’s First Autonomous Network Access Orchestrator, Announces $4.65 Million in Funding

Source: National Cyber Security – Produced By Gregory Evans

Debuting at the RSA® Conference’s Launch Pad, the platform delivers adaptive user and machine-level policy enforcement to make a zero trust network model at scale a reality  

NEW YORK and TEL AVIV – February 20, 2020 – Zero Networks (www.zeronetworks.com), the pioneer in zero trust network access, today unveiled the Zero Networks Access Orchestrator, the first network security platform that automatically defines, enforces and adapts user- and machine-level network access policies to create a continuous airtight zero trust network model, at scale. The company was named one of three finalists for the prestigious RSAC Launch Pad, where it will debut the platform, on February 26th, during the RSA Conference, the world’s leading information security conference.

Zero Networks also announced it has raised $4.65 million in seed funding, led by F2 Capital and Pico Venture Partners. This funding will be used to accelerate product development and hire key positions in engineering, marketing, sales and business development.

Assuming users and machines inside the network can be completely trusted leaves the door open for malicious insiders and hackers to do almost anything they want. Zero Networks minimizes these risks, with the click of a button, constraining access in the network to only what users and machines should be doing. The Zero Networks Access Orchestrator is the first of its kind to deliver:

  • Autonomous policy enforcement – observes how users and machines normally communicate to automatically enforce a zero trust networking stance throughout your environment, with a two-factor authentication (2FA) mechanism to allow new or rare access, so users can always get what they need, when they need it.
  • Airtight security – establishes least privilege access for each and every user and machine, so they can only access only what they need, and nothing more. This provides a scalable and cost-efficient way for enterprises to establish user and machine-level perimeters that put an end to excessive allowances within the network. It also eliminates many internal attack vectors, such as network discovery, lateral movement, remote code execution and the introduction of commodity malware.
  • Access control at scale – provides a single source for all network access policies, so the entire environment is protected from managed and unmanaged devices, at scale, with the click of a button. There are no agents to deploy and no policies for IT to configure or manage.

“Zero Networks is making a zero trust security model at scale a reality,” said Jonathan Saacks, managing partner from F2 Capital. “Their approach is a radical change for the market, but not a radical change for enterprises, which is why it is so effective,” added Tal Yatsiv, operating partner at PICO Venture Partners. “Enterprises can go about their business and lock down the access of each of their users and machines to only what they need, without agents, without intervention, and without disruptions.”

Zero Networks founders Benny Lakunishok and Jossef Harush came up with the Zero Networks Access Orchestrator when they saw the burden that IT and security teams face in trying to maintain real-time access requirements for all users and machines across their environment. With deep experience in cybersecurity, they knew there had to be better, more scalable solution.

Mr. Lakunishok has been in cybersecurity for the past decade and was part of the leadership team of Aorato, which was acquired by Microsoft. Mr. Harush previously led the architecture and engineering team at CyberX. Together, they established Zero Networks to make it easy for enterprises to adapt and scale airtight, internal network access policies that keep attackers out and the business going.

The Zero Networks Access Orchestrator is currently being used by beta customers in the manufacturing, energy, retail and public sectors to defend their internal networks and will be commercially available at the end of Q1 2020.

About Zero Networks

Zero Networks automates the creation, enforcement and maintenance of zero trust network access policies for each user and machine to make zero trust security model at scale a reality. The Zero Networks Access Orchestrator enables organizations to keep up with the changes in their dynamic environment and prevent breaches from impacting operations, so they can be confident their users and machines are able to go about their business and nothing more. With Zero Networks, there are zero hassles, disruptions or worries - there’s just trust. For more information, please visit www.zeronetworks.com or follow Zero Networks on LinkedIn at https://www.linkedin.com/company/zero-networks or Twitter at https://twitter.com/ZeroNetworks.

 

Source link

The post #cybersecurity | #hackerspace |<p> Zero Networks Launches Industry’s First Autonomous Network Access Orchestrator, Announces $4.65 Million in Funding <p> appeared first on National Cyber Security.

View full post on National Cyber Security

Cybersecurity, blockchain, autonomous research take spotlight in new Virginia technology funding

Source: National Cyber Security – Produced By Gregory Evans

Cybersecurity, blockchain, autonomous research take spotlight in new Virginia technology funding

The governor’s office announces new awards dedicated to bolstering technology research and commercialization around several emerging markets. Virginia Gov. Terry McAuliffe announced on Monday that $450,000 of a $2.7 million research fund will be put toward initiatives involving cybersecurity, information technology and drone research. The fund, known as the Commonwealth…

The post Cybersecurity, blockchain, autonomous research take spotlight in new Virginia technology funding appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Child sexual abuse: Agencies to get £40m funding boost

Ministers have pledged £40m towards the fight against child sexual abuse, exploitation and trafficking.
The cash will go towards bringing offenders to justice, targeting online exploitation, and protecting vulnerable children at risk of trafficking.
A new £7.5m “centre of expertise” will be set up to offer support and guidance to professionals on the front line.
But councils are warning that a “funding gap” of £1.9bn could put child protection services at risk.
In 2015, the government published a new strategy for addressing failures in child protection across England in response to the Rotherham abuse scandal – in which more than 1,400 children were abused between 1997 and 2013.

Read More

The post Child sexual abuse: Agencies to get £40m funding boost appeared first on Parent Security Online.

View full post on Parent Security Online

K-12 Funding, ESSA Hot Topics as State Legislatures Convene – Education Week

School finance formulas and implementation of the new federal education law are among the issues on the agenda as 50 state legislatures get to work for their 2017 sessions.

View full post on Education Week: Charter Schools







#pso #htcs #b4inc

Read More

The post K-12 Funding, ESSA Hot Topics as State Legislatures Convene – Education Week appeared first on Parent Security Online.

View full post on Parent Security Online

Louisiana Court Rules Against Charter Funding – Education Week

A Louisiana appeals court last week ruled that the funding of more than 30 of the state’s 148 public charter schools is unconstitutional.

View full post on Education Week: Charter Schools







#pso #htcs #b4inc

Read More

The post Louisiana Court Rules Against Charter Funding – Education Week appeared first on Parent Security Online.

View full post on Parent Security Online

Kansas Governor Warns of Tax Hike if State Loses Funding Case – Education Week

The state’s highest court is weighing the “adequacy” of the Kansas school funding system and previously ruled that the system is inequitable.

View full post on Education Week: NCLB







#pso #htcs #b4inc

Read More

The post Kansas Governor Warns of Tax Hike if State Loses Funding Case – Education Week appeared first on Parent Security Online.

View full post on Parent Security Online

Melbourne cybersecurity startup ResponSight raises $1.15 million in seed funding

0 (2)

Source: National Cyber Security – Produced By Gregory Evans

Melbourne cybersecurity startup ResponSight raises $1.15 million in seed funding

Melbourne cybersecurity startup ResponSight has raised $1.15 million in a seed funding led by Carthona Capital, with follow on investment from Black Sheep Capital. The startup is responsible for providing risk solutions to large enterprises through reporting and analysing security

The post Melbourne cybersecurity startup ResponSight raises $1.15 million in seed funding appeared first on National Cyber Security.

View full post on National Cyber Security

Kansas lawmakers mulling courts’ power amid funding fight – Education Week

View full post on Education Week: Bullying







#pso #htcs #b4inc

Read More

The post Kansas lawmakers mulling courts’ power amid funding fight – Education Week appeared first on Parent Security Online.

View full post on Parent Security Online