Moving Security Programs Forward
Why Project Management is Critical to Information Security One of the needs that most businesses have in today’s fast-paced world is to understand the scope, schedule, and budget of their projects to effectively deliver products and services. Modern organizations both large and small usually manage these aspects of their projects through a project management office....
Effective Threat and Vulnerability Management Cybersecurity breaches are a constant risk for every organization. In addition to being an inconvenience to businesses, their clients, and negatively impacting their reputation, they’re incredibly expensive. Although the cost varies from one organization to the next, the 2017 Ponemon Cost of Data Breach Study estimates that the global average...
The Do’s and Don’ts of an Effective Incident Response Procedure The most important step any organization can take is to have a properly trained and implemented incident response procedure in place to recover from information security incidents. The second most important step an organization can take is to know how to properly triage the environment...
CISO’s Communication Strategy Building and implementing an information security plan is one of the top responsibilities of a chief information security officer, or CISO. No matter what industry their organization exists in, a security plan will have common elements such as policies and procedures, new and updated technology, as well as an information security team...
Is Cloud Security a Concern for Your Organization? As the industry becomes increasingly digitized, more organizations are using cloud-based services to store data and deliver services to their clients. Perhaps your business uses a service such as Amazon Web Services to host apps or Azure to design, test, and deploy them. No matter what cloud...
Third-Party Data Security: Assessing Risk and Ensuring Compliance Information security within an organization can be complex. Factoring in the additional risk posed by sharing information with third parties makes matters infinitely more complicated for enterprises. What should you consider when looking for a vendor? Once you’ve established a relationship, how can you better control security...
2017 was a year of cybersecurity breaches that ran the gamut from the world of video games to once-trusted credit bureaus. At the beginning of the year, video gaming communities, Xbox 360 and Sony PlayStation were hit in separate attacks. Hackers gained access to users’ private information as well as email addresses, usernames, and passwords....
What Security Threats Keep You up at Night? From government agencies to technology companies, retail stores to organizations in the healthcare industry, cybersecurity breaches cause a devastating loss of data, customers, and money every year. The constant state of threat can make a breach seem not just possible, but inevitable. However, this doesn’t have to...
The Importance of Building a Security Program for IoT We live in an age of “smart” everything, from smartphones to smart televisions. Even our alarm systems and printers are connected to the Internet, remotely accessible with just the touch of a few buttons. This added convenience creates added security risks, as Sony discovered when hackers...
The Key to Ensuring GDPR Compliance? A Data Privacy Program. If your organization does business in Europe or works with European clients, you may be aware of the EU’s work to create a standardized set of data protection regulations. This framework, known as GDPR (General Data Protection Regulation) gives individuals greater control over their personal...