Access governance is currently one of the hottest topics when it comes to organizations securing their networks and data. Data breaches from outside hackers has always been big news – consider the coverage of the Target and Sony hacks, just to name a few of recent years.
Today’s center of gravity in cybersecurity is shifting, pulling the skills and experience of cyber defenders in new directions. In most companies, this situation has led to a convergence of responsibilities between physical security, information security and cybersecurity teams, and an increased commitment to “staffing-up” of dedicated “cyber defenders.”
Improving employees’ cybersecurity awareness often hinges on communicating those initiatives into risks they understand.
March 1, 2017
There’s a C- on your report card, but you’re not alone: The 2017 Global Cybersecurity Assurance Report Card found that the world’s information security practitioners gave global cybersecurity readiness an overall score of 70 percent – a six-point drop over 2016.
There have been volumes written about the role of the CSO and how to gain a seat at the table in the C-suite. A relatively small number of CSOs have been able to convince their management that the CISO should be under their purview, citing the inherent mission conflicts that exist when the CISO reports to the CIO.
Mike Tyson notably said, “Everyone has a plan ‘till they get punched in the mouth.” So, how do you ensure the same doesn’t hold true for your company’s incident response plan when a real breach occurs? Enter the NIST Framework category titled Mitigation.
To borrow from the Nobel Prize winning songwriter, the (security) times, they are a-changin’. Growing complexity is one of today’s IT’s biggest security challenges.
Ransomware is one of the most threatening malwares in the cyber industry, according to Carbonite’s Rise of Ransomware report, where 66 percent of IT professionals emphasize the seriousness of the issue, yet only 13 percent believe that they are prepared enough to prevent a ransomware attack.
A study conducted for Hiscox shows that, out of 3,000 companies in the U.S., UK and Germany, slightly more than half (53 percent) of these organizations are not prepared to effectively handle a cyber-attack.