Findings from an annual Ponemon study on data breaches showed that while more companies have plans in place, they still lack confidence and are failing to take crucial steps in the preparedness process, which prevents them from being truly ready for a real-life data breach incident.
It takes months for most computer intrusion victims to learn they were breached. Unfortunately, the hackers get busy much sooner, often stealing data within days if not minutes.
It’s essential that boards understand the organization’s cyber risks in order to successfully oversee overall company performance. CISOs and CSOs who can clearly convey cybersecurity to the board promote better navigation of the organization in today’s uncertain cybersecurity world.
Ideally, a penetration test should simulate a real-world attack; in the real world, the attacker will always have some objective beyond “get into the network.” No matter who the attacker is, they are motivated by something that they are trying to accomplish – and getting into the network is only one step in that process for the attacker.
Network security practitioners often look to solve technical problems with technical solutions: “The engineers got us into this mess; they can get us out of it.”
Why are so many breaches continuing to occur without letup after several years of headlines? Are the attackers that smart, or are businesses not putting the proper focus on the problem?