Tag: Controls
Depending on third parties is inescapable. Every organization needs software, hardware, Internet connectivity, power, and buildings. It’s unlikely they’re going to do all those things themselves. That means that organizations must be dependent on others outside themselves. With that dependence comes risk. F5 recently partnered with Ponemon Institute to survey CISOs. In the report, The Evolving…
Read MoreIn part I of this series, I explored some of the issues surrounding the fact that we have managed to build networks so large and complex that it is essentially impossible to grasp any significant fraction of network activities without asking for help from… the network itself. In this installment, I delve into some actual techniques…
Read MoreDestruction, loss of data, intellectual property theft, fraud, embezzlement, disruption to business, restoration—globally, the costs of dealing with hacking, which were estimated at $3 trillion in 2015, are projected to double to $6 trillion annually by 2021.1 Yet under US law, it’s illegal to attack the hackers back. Way back in February, a Georgia Republican…
Read MoreExecutives are slowly but surely recognizing the ramifications of providing the wrong answer when asked the questions: “Prior to the breach, did we train our employees in the acceptable use of company assets? Did we train them about what they could and could not do?” Do you work for a company that requires employees to sign…
Read MoreStrong security starts with understanding exactly what you need to protect and where it resides within your organization. Source link lol
Read MoreFor years I wondered why business groups would move forward with technology initiatives before fully understanding their risk exposure. Focused on the business outcome, teams always wanted to implement first and figure out the risks later. Problem is, risks are intrinsic to business outcomes. A solution is only as valuable as the information flowing through…
Read MoreA large technology consultancy with thousands of employees spread across north America and Europe is now approaching 99% cloud deployment for their applications. The consultancy believes this is the right solution to provide flexible and secure application deployment for their widely dispersed user community. The migration from on-premises to cloud-delivery began a decade ago with…
Read MoreForward Secrecy’s day has come – for most. The cryptographic technique (sometimes called Perfect Forward Secrecy or PFS), adds an additional layer of confidentiality to an encrypted session, ensuring that only the two endpoints can decrypt the traffic. With forward secrecy, even if a third party were to record an encrypted session, and later gain…
Read MoreAs I write this, the industry is still wagging its fingers at the latest big breach. But in the time that it takes to get this published, there could easily be another colossal security disaster that leaves large numbers of people’s private information exposed. And with every headline announcing a security failure comes the anger…
Read MoreWe’ve heard this story before: an employee leaves a laptop in their car and it gets stolen. In January 2018, 43,000 patients had their personal medical history exposed in this manner.1 In fact, stolen physical devices containing confidential data were the cause of over a million records leaked in 2017 alone. A recent article in…
Read More