Tag: Risk
There is an unspoken assumption that pervades the information security industry. It is a vestige from the days when system administrators were the security staff, and the ways in which customers and organizations interacted with the Internet were markedly different from how they are now. This assumption is that the boundary that separates our network…
Read MoreLearn from CISOs who describe how they would “do it over” again in some of their early security program deployments. Source link lol
Read MoreWe wrote an article recently asking security leaders to talk about their past failures and the lessons they wanted to pass on to others. We called it If I Had to Do It Over Again, and our readers really liked it. A number of folks approached me wanting to tell their stories as well, so…
Read MoreOver the years, I’ve seen articles comparing cybersecurity to martial arts, so I’ve been reluctant to write one. I’ll be the first to admit, I’m no Jeremiah Grossman, black belt in Brazilian Jiu-Jitsu, but I have done martial arts on and off since I was in elementary school. Now that my son has begun that…
Read MoreAt the beginning of this year, we invited security leaders to talk about their past failures and the lessons they wanted to pass on. We called it If we had to do it again, and people really liked it. A number of folks approached me wanting to tell their stories as well; so a month…
Read MoreWhile cloud allows us to offload many responsibilities to third party providers, risk is not one of them. What’s more, is that the rising use of cloud, shared code libraries and other third party resources reduces the visibility and control businesses have over their apps and data – making them even more vulnerable. Businesses today…
Read MoreMobile World Congress: cancelled due to Coronavirus. IBM and others pulled out of the RSA Conference for the same reason. Supply chains are in jeopardy, since so much technology is manufactured in China. It seems even we in the tech world can’t avoid getting pulled into the Coronavirus gravity well. While this pandemic isn’t hitting…
Read MoreCOVID-19, aka the Coronavirus, is really starting to worry people. It’s an unfamiliar, seemingly unnatural new threat dragging a lot of uncertain baggage with it. It has already caused global disruptions on both the macro- and micro-scale. All over the world, organizations and individuals are mobilizing response plans, and that’s a good thing. The U.S.…
Read MoreDifficult security incidents are unique and valuable opportunities. They are the sort of testing you can’t buy: real-world, un-simulated, and direct. No pen-test or code review is going to do what a serious incident will. They are priceless jewels, but only if you use them for all they’re worth. Capturing that value is only possible…
Read MoreThis is the first in a three-part series on the new Department of Defense (DoD) audit requirement called Cybersecurity Maturity Model Certification (CMMC). This first part introduces CMMC and what it means for the future of U.S. government suppliers of cybersecurity. Part two will discuss how to prepare for a CMMC audit. Part 3 will…
Read More