As we continue to embrace hybrid work, chief information security officers (CISOs) and compliance teams are wading through and in some cases even overlooking many different areas related to collaboration security. We’ve highlighted the top three areas of risk in this post which should keep CISOs awake at night. The remote workplace continues to evolve at lightning speed, and so too should CISOs – or risk sensitive materials ending up in the wrong hands.
While a number of useful countermeasures are being taken across corporate boards, progress remains relatively slow in the face of borderline existential threats. Not so long ago, companies thought of cybersecurity as a technology problem to be overseen by the chief security officer or the chief information officer, or as a compliance issue to be managed with audit functions. Today, thankfully, a more holistic, proactive and analytical approach is generally taken. There is more security training and better hygiene and most boards now count a seasoned CISO as one of their directors.
Ransomware is one of the most prominent cybersecurity threats organizations face today. Any institution or company (small or large) can fall victim to ransomware – including schools, healthcare providers, educational facilities, non-profit entities, and government agencies. Cybercriminals that deploy ransomware attacks do not discriminate. Thankfully, there are ways to protect your organization from ransomware attacks. In this article, you’ll discover everything you need to know about ransomware as a chief information security officer (CISO), from its evolution to preventative methods to prevention.
BlackBerry Limited released its 2021 BlackBerry Threat Report, detailing a sharp rise in cyberthreats facing organizations since the onset of COVID-19. The research shows a cybercrime industry which has not only adapted to new digital habits, but also become increasingly successful in finding and targeting vulnerable organizations.
Life used to be simpler for security teams. In the legacy world, they had a clear understanding of the environment they needed to protect—typically the standard LAMP stack (Linux, Apache, MySQL, PhP). Within this straightforward, relatively static infrastructure, they could carve out a network layer all for themselves to implement the security technologies of their choice. They also had a direct line to vendors to discuss the security controls that needed to be implemented. But in the age of DevOps and cloud, things just don’t work this way anymore. Four key changes have left security teams struggling to protect applications and organizations.
In order to remain resilient and meet the emerging priorities around effective supplier management, improved business continuity planning, and increased community engagement, business leaders need to assess and benchmark their performance around three core areas of organizational resilience: operational resilience, supply chain resilience, and information resilience.
Human error contributes to almost 95% of security breaches. Most security approaches still fail at making a desired impact. Let’s analyze the two main reasons why businesses fail to develop a robust, human-centric security approach.
While the flexibility granted to remote workers is game changing, employers have new concerns about the security of a hybrid setup. COVID-19 vaccinations are now within reach for a majority of Americans, meaning enterprises need to re-examine the remote office model many were forced to adopt over the past year. Experts anticipate that a hybrid work model with an equal number of workers in office and remote to be the new model of choice.
If you’d like to learn how your enterprise can re-tool security strategies and ensure security for both remote and in-office employees, keep reading on for a conversation with cybersecurity expert Brent Johnson, CISO at Bluefin, on how leadership can address security challenges specific to a hybrid work model.
Supply Chain Risk is more pertinent now that digital transformation initiatives are the norm. In a recent Ponemon study, 82% of respondents believe their organization experienced at least one data breach due to digital transformation. At the same time, 55% said with certainty that at least one of the three breaches was caused by a third party. Reporting on SCRM and gaining visibility into the cyber risk across third parties is critical to the security of both small and large organizations, especially in the digital age we live in.
Meet Max Vetter, Chief Cyber Officer of Immersive Labs. Before joining Immersive Labs, Vetter spent seven years working with the Metropolitan Police Service as a police officer, intelligence analyst, and covert internet investigator. After leaving his career in law enforcement, he trained the private sector and government agencies in ethical hacking and open source intelligence, specializing in darknets and cryptocurrencies. This included three years of teaching at the GCHQ Cyber Summer School. Here, we speak to Vetter about emerging threats in the cybersecurity space and general security trends he has been noticing throughout the industry.
RSS
