Cyber Security Trends and Topics: What Awaits in 2019?

In our last article, we discussed what’s happened in 2018 that will carry over into 2019. Everyone who interacts with information security in 2019 will be facing tough decisions in the coming year. They will be forced to look in the mirror and ask what kinds of security programs they want to run. This means...

2018 Information Security Trends Set the Stage for 2019

What Happened in Information Security in 2018? Different trends in information security throughout 2018 have set the stage for 2019, which is the year that we’ll all have to look in the mirror and think about where our moral boundaries lie in security. Before we dive into the upcoming information security trends in 2019, we...

Security Program Trends: The Next Round of Security Program Development

Security program trends tend to move in a cycle. I sit in meetings today and hear people asking the same questions they asked back when I started in the cyber security space, only this time there are slightly different answers and solutions. I’ve highlighted some of the security program trends that I’ve seen previously to map...

How to Run an Effective Tabletop Exercise

When a cyber security incident happens, time is of the essence. This is why organizations need to design a plan of action in advance. Simply building a plan isn’t enough, however; every member of your team needs to know what steps to take first. This is why tabletop exercises are an essential part of every...

Re-inventing the Risk Register

Re-Inventing the Cyber Security Risk Register The cyber security risk register is a common concept in most organizations that adhere to a best practice security framework. Essentially, the risk register is a centralized inventory, often tangibly reflected as a spreadsheet, or risks that an organization finds in its environment while performing risk management activities. The problem...

Why Project Management is Critical to Information Security

One of the needs that most businesses have in today’s fast-paced world is to understand the scope, schedule, and budget of their projects to effectively deliver products and services. Modern organizations both large and small usually manage these aspects of their projects through a project management office. So, what is a project management office? And...

Key Components of an Effective Threat and Vulnerability Management

Cybersecurity breaches are a constant risk for every organization. In addition to being an inconvenience to businesses, their clients, and negatively impacting their reputation, they’re incredibly expensive. Although the cost varies from one organization to the next, the 2017 Ponemon Cost of Data Breach Study estimates that the global average cost of a breach is...

The Do’s and Don’ts of an Effective Incident Response Procedures

The most important step any organization can take is to have a properly trained and implemented incident response procedure in place to recover from information security incidents. The second most important step an organization can take is to know how to properly triage the environment when an incident occurs. Time is of the essence, so...

CISO’s Strategy to Effectively Communicate with the Board

Building and implementing an information security plan is one of the top responsibilities of a chief information security officer, or CISO. No matter what industry their organization exists in, a security plan will have common elements such as policies and procedures, new and updated technology, as well as an information security team to help put...

Are You Utilizing a Security Maturity Model? [White Paper Included]

Information security often takes the back seat with the day-to-day challenges of running an organization.  Even within businesses that have implemented an information security program, they often don’t detect problems until a serious security breach occurs.  Unfortunately, many companies don’t utilize more advanced or proactive stances on cyber security until a breach forces them to...