Tag: CISO

In this list, we don’t see any of the significant factored software types, so there are no weights to add here.

Calculating the Likelihood of Exploitation of a Vulnerability

Now that we have all our factors and weights, we can do some simple math in a spreadsheet.

Factor | Weight
Base | -6.18
Web related | 0.06
Reference…


When it comes to high-value assets, few industries can come close to financial services. It’s not just the obvious fact that banks are giant warehouses of money—banks represent critical pieces of infrastructure that entire economies rely upon. Some of today’s largest financial institutions have more app developers than bankers. The way these companies interact with…


Mobile World Congress: cancelled due to Coronavirus. IBM and others pulled out of the RSA Conference for the same reason. Supply chains are in jeopardy, since so much technology is manufactured in China. It seems even we in the tech world can’t avoid getting pulled into the Coronavirus gravity well. While this pandemic isn’t hitting…


I struggled to assimilate to civilian life after I returned home from serving three military deployments. I had plenty of experience, but I didn’t know how to explain my qualifications in terms an employer would understand. After all, how do you tell a potential employer that your skills hunting down IEDs in Afghanistan make you…


COVID-19, aka the Coronavirus, is really starting to worry people. It’s an unfamiliar, seemingly unnatural new threat dragging a lot of uncertain baggage with it. It has already caused global disruptions on both the macro- and micro-scale. All over the world, organizations and individuals are mobilizing response plans, and that’s a good thing. The U.S.…


In the current era driven by automation and connectivity, retaining top IT talent is becoming increasingly important for enterprises to deliver world-class customer experiences in order to stand out and stay ahead in the race. However, as companies pursue digitization to drive transformation and innovation, they simultaneously become vulnerable to cyberattacks. Last year, Hong Kong…


Difficult security incidents are unique and valuable opportunities. They are the sort of testing you can’t buy: real-world, un-simulated, and direct. No pen-test or code review is going to do what a serious incident will. They are priceless jewels, but only if you use them for all they’re worth. Capturing that value is only possible…


This is the first in a three-part series on the new Department of Defense (DoD) audit requirement called Cybersecurity Maturity Model Certification (CMMC). This first part introduces CMMC and what it means for the future of U.S. government suppliers of cybersecurity. Part two will discuss how to prepare for a CMMC audit. Part 3 will…


Ransomware is not the hottest topic around right now. But that may be deceptive as to its proliferation, because figures show it is still very much alive and kicking. It only takes a quick glance at the rest of the world to see the devastating effects ransomware attacks can have on public and private sector…


Looking back at 2020, it was obvious even at the time that everything had changed forever. The COVID-19 pandemic left nothing as it was. It brought disruption and loss to everyone. For security and IT staff, it also ushered in the Great Remote Access Experiment. Our work was suddenly thrust into the limelight, but without…
