Ransomware | What You Need to Know About Ransomware & Awareness Tips

What You Need to Know About Ransomware Over the past few months, ransomware outbreaks of “WannaCry” and “Petya” have both achieved media headlines. Both outbreaks disrupted or halted business operations of organizations across the globe. Ransomware for past few years has been a growing threat, but now it has matured into a threat that cannot...

Information Security Outsourcing | [White Paper Included]

How Can Information Security Outsourcing Benefit CISOs? It doesn’t matter if an organization specializes in healthcare, retail sales, or widget manufacturing: every organization needs a comprehensive information security program in order to secure its information from theft, loss, breaches, and other threats. Unfortunately, because of the limited number of available dedicated resources with the requisite...

Information Security Architecture | Suite of Preventive & Detective Safeguards

What is an Information Security Architecture? An information security architecture program is associated with the management and effectivity of the suite of preventive and detective safeguards as a whole within an environment. The goal of information security architecture program is to ensure that all of the security technologies implemented within the environment work together to...

Survey | Do you Have a Security Program and How do you measure it?

How do you measure your security program? We’d love to get your feedback! Take this 3 min survey. The goal is to understand how organizations are measuring their security program today and how they want to measure it moving forward. The CISOSHARE team needs your support to find new ways to serve and educate our...

The Healthcare CISO’s Best Practice to HIPAA Compliance [HIPAA Best Practices Download Included]

HIPAA Compliance Best Practice for Healthcare A CISO’s most valuable tool, apart from their team, is their security program. These procedures govern an organization’s processes in order to protect its information, as well as computer systems, and assets. Potential threats are always looming, and the possibility of a breach by a hacker, theft of information,...

CISO | Top Roles & Responsibilities of a Chief Information Security Officer [Checklist included]

CISO | Top Roles and Responsibilities Many people mistakenly think a CISO (Chief Information Security Officer) is simply the head of technical security operations – sort of an IT manager – and that’s the extent of their role. The truth is that while CISOs must be tech-savvy, their responsibilities demand much more. They must be...

CISOs | Best Practices to Understand, Communicate and Make Informed Decisions

CISOs | Guide to Informed Decision Making and Moving it Forward As the lead protector of information security within an organization, a chief information security officer (CISO) must understand the risks that exist, as well as be able to clearly communicate those risks and possible solutions to the organization’s leadership. In addition to this, they...

What Security Assessment Framework Is Best For Your Organization?

How to Choose a Security Assessment Framework | SOC vs ISO vs HITRUST CSF The most important thing that should drive which framework you select is to always begin by understanding your internal business objectives for information security and then to select the framework that best supports this objective. While this is what you should...

Security Policy | Top 5 Tips for Implementing a New Security Policy

Considerations to Keep in Mind When Implementing New Security Policies Any time you implement a new security policy into an environment you are implementing change. Change can have positive effects, but there are often very specific considerations when producing a new security policy that can be the difference between a policy that meets business needs...

Security Program | Start of Security Program Development Content at RSA

RSA Conference Starting to Acknowledge Security Program Development Thank you, RSA! It started in 2014 when a Security Strategy track was added to the agenda, one that was defined as a covering security program development issues. This year, it actually is going to the next level, though, as there are actually a couple sessions that...