Tag: Strategies
Cybercrime in general—and most recently, crime perpetrated using IoT devices—has become a serious problem. Legislatures around the world have struggled to write laws to rein things in. The problem has been that governments have issued cybersecurity laws that are either too burdensome or ineffective. We’ve seen various breach disclosure acts designed to “name and shame”…
Read MoreThe recently released F5 and Ponemon report, “The Evolving Role of CISOs and their Importance to the Business,” unearthed some disconcerting results about CISO effectiveness. In particular, the following survey question spoke to this point specifically: Are security operations aligned with business objectives? Fully – 26% Partially – 34% Not – 40% Surprisingly, only a quarter of…
Read MoreInformation Security Controls are the bread and butter of audit professionals, the bane of developers, and the playground of security professionals. From a business perspective, they provide a means for enabling business resiliency by protecting and reducing the risk associated with the threat landscape. Insofar as the concept of defense in depth is embraced, it’s…
Read MoreBack in September, I had the honor of moderating a panel session in Hong Kong under the theme of “Is Cybersecurity the Hidden Achilles of Hong Kong’s Digital Economy?”. At that time, China, the world’s leading bitcoin exchange market accounting for 90% of trading worldwide, yet had announced shutting down bitcoin and cryptocurrency exchanges, calling…
Read MoreOn January 9th, 2005, the Donttrip malware infection hit Northwest Hospital,1 a large medical facility in Seattle that served thousands of people. The malware clogged up the hospital’s network systems with surges of exploit network scanning. Medical operations ground to a halt as laboratory diagnostic systems couldn’t transfer data, Intensive Care Unit terminals went offline,…
Read MoreIt is against business priority enablers that we align the following causation models required to present our high-level protection strategy. Causal Model 1 — Threat Landscape We captured the business priorities in the business model’s value proposition. ECS’s desire is to “offer certified and compliant cloud computing services secured with the leading security standards.”…
Read MoreAnything we put online must swim in a sea of enemies. The F5 Labs report, Lessons Learned from a Decade of Data Breaches, revealed that an average breach leaked 35 million records. Nearly 90% of the US population’s social security numbers have been breached to cyber criminals. When confronted by staggering statistics like these, it is…
Read MoreNow hear this: You will always have exposure. No company has the ability to mitigate all risks at all times. No company I’ve ever visited has even had all of its identified risks treated at any given point. Yet so many companies lead their security strategy with controls. They’ll make sizable investments in security appliances…
Read MoreAmong security professionals specifically, the gap is even more significant: 47% chose security and only 26% said availability. This isn’t a surprise—security has been steadily ascendant for the past three years. In 2015, availability was the clear leader at 40% over security’s 32%. But the next year the two categories were neck and neck…
Read MoreAccept that breaches are inevitable in today’s world, then take these steps to reduce the chances of a large-scale, headline-making compromise. Source link lol
Read More