Tag: CISO

For years I wondered why business groups would move forward with technology initiatives before fully understanding their risk exposure. Focused on the business outcome, teams always wanted to implement first and figure out the risks later. Problem is, risks are intrinsic to business outcomes. A solution is only as valuable as the information flowing through…


It is against business priority enablers that we align the following causation models required to present our high-level protection strategy. Causal Model 1 — Threat Landscape: We captured the business priorities in the business model’s value proposition. ECS’s desire is to “offer certified and compliant cloud computing services secured with the leading security standards.”…


Anything we put online must swim in a sea of enemies. The F5 Labs report, Lessons Learned from a Decade of Data Breaches, revealed that an average breach leaked 35 million records. Nearly 90% of the US population’s social security numbers have been breached to cyber criminals. When confronted by staggering statistics like these, it is…


A large technology consultancy with thousands of employees spread across North America and Europe is now approaching 99% cloud deployment for their applications. The consultancy believes this is the right solution to provide flexible and secure application deployment for their widely dispersed user community. The migration from on-premises to cloud-delivery began a decade ago with…


Now hear this: You will always have exposure. No company has the ability to mitigate all risks at all times. No company I’ve ever visited has even had all of its identified risks treated at any given point. Yet so many companies lead their security strategy with controls. They’ll make sizable investments in security appliances…


Among security professionals specifically, the gap is even more significant: 47% chose security and only 26% said availability. This isn’t a surprise—security has been steadily ascendant for the past three years. In 2015, availability was the clear leader at 40% over security’s 32%. But the next year the two categories were neck and neck…


Accept that breaches are inevitable in today’s world, then take these steps to reduce the chances of a large-scale, headline-making compromise.


If you’re not evaluating risk in terms of likelihood and impact, you could be focusing your security efforts in all the wrong places.


The obvious takeaway here is that these two most commonly breached application vulnerabilities represent low-hanging fruit for attackers. Forum software is a favorite target for attackers because it consumes user content that, if not sanitized properly, could be a crafty little malicious script that injects a PHP backdoor. Forum makers (as well as CMS providers…


We’re in an exciting time in our profession. There is a lot of new technology, a huge demand for our skills, and a bright future that promises only more work for us. Yet, this excitement is a two-edged blade. We often hear from peers about how hard it is to hire good security folks. My…
