Why Project Management is Critical to Information Security

One of the needs that most businesses have in today’s fast-paced world is to understand the scope, schedule, and budget of their projects to effectively deliver products and services. Modern organizations both large and small usually manage these aspects of their projects through a project management office. So, what is a project management office? And...

Key Components of an Effective Threat and Vulnerability Management

Cybersecurity breaches are a constant risk for every organization. In addition to being an inconvenience to businesses, their clients, and negatively impacting their reputation, they’re incredibly expensive. Although the cost varies from one organization to the next, the 2017 Ponemon Cost of Data Breach Study estimates that the global average cost of a breach is...

The Do’s and Don’ts of an Effective Incident Response Procedures

The most important step any organization can take is to have a properly trained and implemented incident response procedure in place to recover from information security incidents. The second most important step an organization can take is to know how to properly triage the environment when an incident occurs. Time is of the essence, so...

CISO’s Strategy to Effectively Communicate with the Board

Building and implementing an information security plan is one of the top responsibilities of a chief information security officer, or CISO. No matter what industry their organization exists in, a security plan will have common elements such as policies and procedures, new and updated technology, as well as an information security team to help put...

Are You Utilizing a Security Maturity Model? [White Paper Included]

Information security often takes the back seat with the day-to-day challenges of running an organization.  Even within businesses that have implemented an information security program, they often don’t detect problems until a serious security breach occurs.  Unfortunately, many companies don’t utilize more advanced or proactive stances on cyber security until a breach forces them to...

Cloud Security Is Also Your Responsibility

Is Cloud Security a Concern for Your Organization? As the industry becomes increasingly digitized, more organizations are using cloud-based services to store data and deliver services to their clients. Perhaps your business uses a service such as Amazon Web Services to host apps or Azure to design, test, and deploy them. No matter what cloud...

Cyber Security Scores Explained

Common Uses of Cyber Security Scores  A cyber security score is a number that gives you an idea of the state of your security program. The numerical scale the score is based on varies with the provider, but the goal of each of these different scores is to help an organization understand the strength of their...

What is a Security Risk Assessment?

What is a Security Risk Assessment?   A security risk assessment is often either a one-time or ongoing process used to measure an organization’s security posture. Risk assessments are meant to discover, correct, and prevent security problems, often by taking a risk-based approach to identify the threats that need to be addressed.  The most common purpose for...

Cyber Security Framework Explained

Cyber Security Framework A cyber security framework lays the foundation for your entire program and is the most important foundational element to a comprehensive and robust security program.  The framework is responsible for two critical functions within a security program:  It organizes all the requirements that the cyber security program will be built on.  It establishes all the hierarchical relationships between...

Managing Third-Party Data Security

Third-Party Data Security: Assessing Risk and Ensuring Compliance Information security within an organization can be complex. Factoring in the additional risk posed by sharing information with third parties makes matters infinitely more complicated for enterprises. What should you consider when looking for a vendor? Once you’ve established a relationship, how can you better control security...