The following outlines three steps the C-suite and other executive team members should take to prevent and survive a data breach. But first, it’s imperative all involved heed this initial piece of advice when planning cybersecurity; treat breaches not as a possibility, but as something that is going to happen.
The need for improved security for remote workers requires more resources; however, the ongoing economic conditions often require lowering costs. A Microsoft survey found most leaders increased budgets for security and compliance (58 and 65% noting an increase), while 81% of respondents also reported pressure to lower security costs overall. IT is therefore tasked with protecting their company’s networks from the remote work-related threats while operating with leaner budgets. Doing this effectively will require multiple strategies to make sure your network is secure with the shift to remote work. Here are three examples on how broader security can be achieved.
Building security and privacy into product development is more critical today than ever before. First introduced through the Microsoft Trustworthy Computing initiative in the early 2000s, the well-known security development lifecycle (SDL) is a framework designed to do just that. It was originally devised to enhance software security, but an SDL process can and should be applied to all types of products to help root out security and privacy vulnerabilities, while establishing long-term resilience in the rapidly evolving threat landscape.
Social engineering is a term that refers to efforts by hackers and cybercriminals to use people — rather than technology — to gain access to sensitive systems and information. It’s a problem that information security experts have been wrestling with for years and one that, in the midst of COVID-19, has become both more prevalent and more challenging.
Acting Secretary of Homeland Security, Chad F. Wolf introduced two new members to the Homeland Security Advisory Council (HSAC): Tom Jenkins and Catherine Lotrionte. Created by President George W. Bush in 2002, the HSAC is a Department of Homeland Security federal advisory committee that provides the secretary with independent, informed recommendations, and advice on a variety of homeland security issues.
Keeper Security has examined new challenges for the retail industry as part of its Cybersecurity in the Remote Work Era: A Global Risk Report. With the holiday season quickly approaching, Keeper Security is issuing an advisory for retailers.
Meet Stephanie Benoit-Kurtz, lead of cybersecurity faculty at the University of Phoenix – Las Vegas. She is also director of cybersecurity for Station Casinos in Las Vegas. She has spent three decades in the IT industry, working for a variety of large and small organizations and as a consultant. In the early days of her career, despite being part of the team responsible for implementing decisions at the IT company where she was employed, she “was routinely left out of the decision-making process. Here, we talk to Benoit-Kurtz about how the cybersecurity space has changed over time, and how the industry can embrace more individuals to meet demand and close the cybersecurity gap.
The members of Election Infrastructure Government Coordinating Council (GCC) Executive Committee - Cybersecurity and Infrastructure Security Agency (CISA), released a statement noting that the 2020 election was the most secure in American history.
The Forum of Incident Response and Security Teams (FIRST) is holding its annual conference online next week. The three-day event, which is taking place online for the first time, will feature both industry experts and academics from the global community talking about the latest developments on how to prevent, detect and respond to computer security incidents. The
Building a cyber-resilient enterprise informed by threat intelligence is not an easy task. Risks and requirements are often as unique and diverse as organizations themselves. Determining factors like industry, size, and market contribute to one simple truth: a one-size-fits-all approach to incorporating threat intelligence does not exist. Some invariants, however, do remain; successful threat intelligence programs must staff the right people in the right positions. Below, I’ll introduce four core threat intelligence focuses to consider as businesses plan and allocate budgets for 2021: