Cyber Security Trends and Topics: What Awaits in 2019?

In our last article, we discussed what’s happened in 2018 that will carry over into 2019. Everyone who interacts with information security in 2019 will be facing tough decisions in the coming year. They will be forced to look in the mirror and ask what kinds of security programs they want to run. This means...

2018 Information Security Trends Set the Stage for 2019

What Happened in Information Security in 2018? Different trends in information security throughout 2018 have set the stage for 2019, which is the year that we’ll all have to look in the mirror and think about where our moral boundaries lie in security. Before we dive into the upcoming information security trends in 2019, we...

Security Program Trends: The Next Round of Security Program Development

Security program trends tend to move in a cycle. I sit in meetings today and hear people asking the same questions they asked back when I started in the cyber security space, only this time there are slightly different answers and solutions. I’ve highlighted some of the security program trends that I’ve seen previously to map...

How to Run an Effective Tabletop Exercise

When a cyber security incident happens, time is of the essence. This is why organizations need to design a plan of action in advance. Simply planning isn’t enough, however; every member of your team needs to know what steps to take first. This is why tabletop exercises are an essential part of every incident response...

Why Project Management is Critical to Information Security

One of the needs that most businesses have in today’s fast-paced world is to understand the scope, schedule, and budget of their projects to effectively deliver products and services. Modern organizations both large and small usually manage these aspects of their projects through a project management office. So, what is a project management office? And...

Key Components of an Effective Threat and Vulnerability Management

Cybersecurity breaches are a constant risk for every organization. In addition to being an inconvenience to businesses, their clients, and negatively impacting their reputation, they’re incredibly expensive. Although the cost varies from one organization to the next, the 2017 Ponemon Cost of Data Breach Study estimates that the global average cost of a breach is...

The Do’s and Don’ts of an Effective Incident Response Procedures

The most important step any organization can take is to have a properly trained and implemented incident response procedure in place to recover from information security incidents. The second most important step an organization can take is to know how to properly triage the environment when an incident occurs. Time is of the essence, so...

CISO’s Strategy to Effectively Communicate with the Board

Building and implementing an information security plan is one of the top responsibilities of a chief information security officer, or CISO. No matter what industry their organization exists in, a security plan will have common elements such as policies and procedures, new and updated technology, as well as an information security team to help put...

Cloud Security Is Also Your Responsibility

Is Cloud Security a Concern for Your Organization? As the industry becomes increasingly digitized, more organizations are using cloud-based services to store data and deliver services to their clients. Perhaps your business uses a service such as Amazon Web Services to host apps or Azure to design, test, and deploy them. No matter what cloud...

Managing Third-Party Data Security

Third-Party Data Security: Assessing Risk and Ensuring Compliance Information security within an organization can be complex. Factoring in the additional risk posed by sharing information with third parties makes matters infinitely more complicated for enterprises. What should you consider when looking for a vendor? Once you’ve established a relationship, how can you better control security...