This is the first in a blog series that will focus on all phases of security delivery: design, dev/build, test, deploy, operate and learn.  Many organizations are facing new cybersecurity concerns as they look to accelerate their digital transformations for themselves and their customers. At the same time, information technology (IT) and operations are

The current information security landscape is rapidly evolving. According to the latest research from IBM Security and the Ponemon Institute’s 2020 Cyber Resilient Organization Report, 67% of organizations reported that the volume of attacks had significantly increased over the past 12 months. It’s not just the amount of attacks that grew; 64% o

What is cyber resilience?  According to IBM Security’s 2020 Cyber Resilient Organization Report, a cyber resilient organization is one that “more effectively prevents, detects, contains and responds to a myriad of serious threats against data, applications and IT infrastructure.”  In a more colloquial sense, the “further alo

What is an insider threat? Insider threats are users with legitimate access to company assets who use that access, whether maliciously or unintentionally, to cause harm to the business. Insider threats aren’t necessarily current employees, they can also be former employees, contractors or partners who have access to an organization’s systems or d

The Ponemon Institute just released its annual “The Cyber Resilient Organization” report, sponsored by IBM Security. In its fifth year, this study takes an in-depth look at organizations’ ability to prevent, detect, contain and respond to cyberattacks. The report examines changes in cyber resilience and identifies approaches and best practices organizations

The events of early 2020 have prompted organizations to shift priorities across the board, and security processes are no exception. While the current working environment has presented numerous short-term challenges, it has also caused security leaders to take a fresh look at what really matters to their businesses. The cybersecurity trends that emerge could

At the outset of the COVID-19 pandemic, when governments around the world put stay-at-home orders in place, it was hard to imagine the state of work would permanently change. Yet, as organizations rapidly adopted and expanded systems to enable a remote workforce — which doubled in size in just three weeks — company cultures began shifting, too. As employees

A common challenge security teams face is ensuring their organization can continue to operate despite cyber attacks — in other words, to demonstrate their cyber resilience. Research from the Ponemon Institute acknowledges that the volume and severity of cyber attacks continues to rise, but suggests that organizations can improve their cyber resilience by a c

As organizations prepare for the remainder of 2020, cybersecurity leaders can use this opportunity to review their communication style and improve how they share key messages across the organization. Taking time to refine business communication can help those in security and technical leadership roles heighten the effectiveness of their messaging and ensure

In March 2020, the U.S. Cyberspace Solarium Commission released its report detailing numerous recommendations for how the nation can strengthen its online infrastructure and overall security posture. The Cyberspace Solarium Commission tackled issues of security strategy and overall cybersecurity preparedness across both the private and public sectors in the

In January, the World Economic Forum (WEF) again included cyberattacks as one of the top 10 most likely and significant risks to society in 2020. Less than two months later, ways of working underwent a drastic change due to the global pandemic. With so many employees working remotely and many business functions now in the cloud, organizations are rethinking

The COVID-19 health crisis almost instantly changed how the world works, bringing with it new security threats and challenges. As organizations work to find the path forward and emerge stronger on the other side, it’s important to take stock of where we are and where we need to be. Working Together While Apart Like many other organizations, ours transitioned

While organizations around the world are rightly focused on the COVID-19 pandemic, the work of cybersecurity must continue. In fact, attackers often increase their efforts to breach networks and systems during times of trouble, counting on the chaos as a useful distraction. In such times, the best cybersecurity practices should actually refocus on the most b

Security teams today are facing increased challenges due to the “new normal” created by the recent global health crisis. Teams that were already struggling with too many tools and too much data are finding it even more difficult to collaborate and communicate as employees must move to a virtual security operations center (SOC) model while address

Preparing for the Unpredictable There may be some elephants in the board room from time to time, but what about Black Swans or Gray Rhinos? Many of us might be ignoring the warnings of risks to our business from “corporate Cassandras” — named for the priestess in Greek mythology who was cursed to pronounce true prophecies, but never to be believed. By unders