Microsoft announced the opening of a new cybersecurity center in Mexico.

Today’s center of gravity in cybersecurity is shifting, pulling the skills and experience of cyber defenders in new directions. In most companies, this situation has led to a convergence of responsibilities between physical security, information security and cybersecurity teams, and an increased commitment to “staffing-up” of dedicated “cyber defenders.”

There’s a C- on your report card, but you’re not alone: The 2017 Global Cybersecurity Assurance Report Card found that the world’s information security practitioners gave global cybersecurity readiness an overall score of 70 percent – a six-point drop over 2016.

There have been volumes written about the role of the CSO and how to gain a seat at the table in the C-suite.  A relatively small number of CSOs have been able to convince their management that the CISO should be under their purview, citing the inherent mission conflicts that exist when the CISO reports to the CIO.

Mike Tyson notably said, “Everyone has a plan ‘till they get punched in the mouth.” So, how do you ensure the same doesn’t hold true for your company’s incident response plan when a real breach occurs?  Enter the NIST Framework category titled Mitigation.

To borrow from the Nobel Prize winning songwriter, the (security) times, they are a-changin’. Growing complexity is one of today’s IT’s biggest security challenges.

Ransomware is one of the most threatening malwares in the cyber industry, according to Carbonite’s Rise of Ransomware report, where 66 percent of IT professionals emphasize the seriousness of the issue, yet only 13 percent believe that they are prepared enough to prevent a ransomware attack.

The British government has ordered an inquiry of its cybersecurity in the wake of U.S. intel on Russian hacks during the presidential campaign.

More than three-quarters (88%) of hackers can break through cybersecurity defenses and into the systems they target within 12 hours, while 81% say they can identify and take valuable data within another 12 hours, even though the breach may not be discovered for hundreds of days.