Moving Security Programs Forward
In our last article, we discussed what’s happened in 2018 that will carry over into 2019. Everyone who interacts with information security in 2019 will be facing tough decisions in the coming year. They will be forced to look in the mirror and ask what kinds of security programs they want to run. This means...
What Happened in Information Security in 2018? Different trends in information security throughout 2018 have set the stage for 2019, which is the year that we’ll all have to look in the mirror and think about where our moral boundaries lie in security. Before we dive into the upcoming information security trends in 2019, we...
Security program trends tend to move in a cycle. I sit in meetings today and hear people asking the same questions they asked back when I started in the cyber security space, only this time there are slightly different answers and solutions. I’ve highlighted some of the security program trends that I’ve seen previously to map...
When a cyber security incident happens, time is of the essence. This is why organizations need to design a plan of action in advance. Simply planning isn’t enough, however; every member of your team needs to know what steps to take first. This is why tabletop exercises are an essential part of every incident response...
One of the needs that most businesses have in today’s fast-paced world is to understand the scope, schedule, and budget of their projects to effectively deliver products and services. Modern organizations both large and small usually manage these aspects of their projects through a project management office. So, what is a project management office? And...
Cybersecurity breaches are a constant risk for every organization. In addition to being an inconvenience to businesses, their clients, and negatively impacting their reputation, they’re incredibly expensive. Although the cost varies from one organization to the next, the 2017 Ponemon Cost of Data Breach Study estimates that the global average cost of a breach is...
The most important step any organization can take is to have a properly trained and implemented incident response procedure in place to recover from information security incidents. The second most important step an organization can take is to know how to properly triage the environment when an incident occurs. Time is of the essence, so...
Building and implementing an information security plan is one of the top responsibilities of a chief information security officer, or CISO. No matter what industry their organization exists in, a security plan will have common elements such as policies and procedures, new and updated technology, as well as an information security team to help put...
Is Cloud Security a Concern for Your Organization? As the industry becomes increasingly digitized, more organizations are using cloud-based services to store data and deliver services to their clients. Perhaps your business uses a service such as Amazon Web Services to host apps or Azure to design, test, and deploy them. No matter what cloud...
Third-Party Data Security: Assessing Risk and Ensuring Compliance Information security within an organization can be complex. Factoring in the additional risk posed by sharing information with third parties makes matters infinitely more complicated for enterprises. What should you consider when looking for a vendor? Once you’ve established a relationship, how can you better control security...