Security Program Trends: The Next Round of Security Program Development

Security program trends tend to move in a cycle. I sit in meetings today and hear people asking the same questions they asked back when I started in the cyber security space, only this time there are slightly different answers and solutions. I’ve highlighted some of the security program trends that I’ve seen previously to map...

How to Run an Effective Tabletop Exercise

When a cyber security incident happens, time is of the essence. This is why organizations need to design a plan of action in advance. Simply planning isn’t enough, however; every member of your team needs to know what steps to take first. This is why tabletop exercises are an essential part of every incident response...

Why Project Management is Critical to Information Security

One of the needs that most businesses have in today’s fast-paced world is to understand the scope, schedule, and budget of their projects to effectively deliver products and services. Modern organizations both large and small usually manage these aspects of their projects through a project management office. So, what is a project management office? And...

Key Components of an Effective Threat and Vulnerability Management

Cybersecurity breaches are a constant risk for every organization. In addition to being an inconvenience to businesses, their clients, and negatively impacting their reputation, they’re incredibly expensive. Although the cost varies from one organization to the next, the 2017 Ponemon Cost of Data Breach Study estimates that the global average cost of a breach is...

The Do’s and Don’ts of an Effective Incident Response Procedures

The most important step any organization can take is to have a properly trained and implemented incident response procedure in place to recover from information security incidents. The second most important step an organization can take is to know how to properly triage the environment when an incident occurs. Time is of the essence, so...

CISO’s Strategy to Effectively Communicate with the Board

Building and implementing an information security plan is one of the top responsibilities of a chief information security officer, or CISO. No matter what industry their organization exists in, a security plan will have common elements such as policies and procedures, new and updated technology, as well as an information security team to help put...

Cloud Security Is Also Your Responsibility

Is Cloud Security a Concern for Your Organization? As the industry becomes increasingly digitized, more organizations are using cloud-based services to store data and deliver services to their clients. Perhaps your business uses a service such as Amazon Web Services to host apps or Azure to design, test, and deploy them. No matter what cloud...

Managing Third-Party Data Security

Third-Party Data Security: Assessing Risk and Ensuring Compliance Information security within an organization can be complex. Factoring in the additional risk posed by sharing information with third parties makes matters infinitely more complicated for enterprises. What should you consider when looking for a vendor? Once you’ve established a relationship, how can you better control security...

What Awaits in 2018? Cyber Security Trends & Hot Topics

2017 was a year of cyber security breaches that ran the gamut from the world of video games to once-trusted credit bureaus. At the beginning of the year, video gaming communities, Xbox 360 and Sony PlayStation were hit in separate attacks. Hackers gained access to users’ private information as well as email addresses, usernames, and...

2018 Security Strategies for CISOs

What Security Threats Keep You up at Night? From government agencies to technology companies, retail stores to organizations in the healthcare industry, cybersecurity breaches cause a devastating loss of data, customers, and money every year. The constant state of threat can make a breach seem not just possible, but inevitable. However, this doesn’t have to...