Moving Security Programs Forward
This forward-looking model is designed to support cyber security planning activities from the perspective of before, during and, after a pandemic event occurs. The goal of the model is to forecast the world and business landscapes in each phase to help organizations best consider and understand cyber security needs and activities in the coming landscape. To accomplish this, we have created a 3-phase model that first aligns...
In any rapidly changing or fearful time, we’ve always found that it’s most helpful to contribute where we can, to help move each other forward and bring hope. While I’m not an expert in the details of healthcare and specifics to COVID-19, there are many parallels in this world crisis — especially in how it affects businesses — and the cyber security crises that the CISOSHARE team sees...
The last article touched on third-party risk management and how it integrates into a company’s overall security program. This time, we’re talking about automation and how it can help you make the steps of your third-party risk management processes more efficient. Automating Identification The identification of third parties is one of the most important steps in your third-party risk...
As organizations are focusing and spending more on their cyber security programs, they’re running into a new problem: staffing. With the existing cyber security resource shortage, nearly every organization needs additional cyber security staff. Whether they’re working on one-time remediation activities to address specific risks, or they need additional staff for their security programs moving...
Third-party risk management (TPRM) is a vital part of your security program’s overall risk management program. The average organization can have hundreds or even thousands of third parties and vendors that have access to their networks or handle sensitive data on their behalf, leaving a large surface open to potential cyber-attack. One of the most...
So, the whole opportunity bummer to this Internet thing is that things you post do not go away. We’ve been making predictions about coming predictions about coming security trends, so we thought we’d take a look at where we were right and where we were wrong. Below are each of the trends we identified that we saw developing in...
Governance, risk, and compliance, commonly referred to as GRC, has been a component of legacy security dogma and cyber security programs for years. It was created during a time (near the early 2000’s, depending on who you ask) when any definition of a security program was considered valid. Because of this, it persists in cyber...
There is a lot of talk about a cyber security resource shortage in our discipline. I get this may seem like the case, and maybe it even is, however what I don’t understand is if the time of our cyber security resources is so valuable then why are all of us wasting so darn much...
Cyber Security Tips for CFOs As organizations continue to prioritize security, CFOs are getting more involved with information security spend and even certain cyber security reporting frameworks. Here are our top tips for CFOs as they become more involved in different areas of cyber security: Sales Process and Customer Requests – Account for security planning...
Why CFOs Need to Start Paying Attention to Security The current cyber security landscape is bringing itself to the forefront of company priorities, especially CFOs. The reason for this can be attributed to the coming trends in security, especially in the way that the current state of security and the coming changes impact the bottom...