It’s never been harder to be a chief information security officer (CISO). In 2021, there were 50% more attacks each week compared to 2020. Without a plan, maintaining a robust security posture is an uphill struggle.  Thankfully, the National Institute of Standards and Technology (NIST) offers CISOs the guidance they need. Read on to learn more ab

The average cost of a data breach reached an all-time high of $4.35 million this year, according to newly published 2022 Cost of a Data Breach Report, an increase of 2.6% from a year ago and 12.7% since 2020. New research in this year’s report also reveals for the first time that 83% of organizations in the study have experienced more than one data br

In the two years proceeding from the beginning of the COVID-19 pandemic, the business world has been transformed on a grand scale. Organizations have created more data than ever before, data is now spread across a wider attack surface, putting it at a heightened risk of becoming a compromised risk. The manner and location of data storage and correspondence h

In 2022, the buzz phrase of the year has to be “The Great Resignation”. What is it? It’s a term coined to describe the current rise in people leaving their employer to find work elsewhere.But people have always moved on, right? Of course they have. Staff retention rates have always been a target for most HR functions. But something is different in 2022. More

The job of a CISO is one of constant change and unexpected challenges.  One of the most energetic environments to govern is that of a university. Universities function not only as academic institutions, but also as research hubs, hosting both curious students, as well as notable scholars.  This is an audience not known for slow-motion progress. The

Companies that have low retention rates are likely to increase their risk of a cybersecurity attack. The recent ISACA’s State of the Cybersecurity Workforce study found that 69% of respondents whose companies faced more attacks in the past year report being somewhat or very understaffed. However, retention is becoming a bigger challenge. The report al

Retaining cybersecurity talent can be difficult. Along with our previous tips, how can you attract great workers?   Difficulties and Positive Changes   The recent ISACA State of Cybersecurity 2022 survey provides some key markers: Unfilled positions are on the rise (not good) Existing teams are understaffed (not good) Budgets are (finall

After a company discovers a cyber attack on its network, the finger-pointing begins. The CEO blames the chief information security officer (CISO). The CISO blames the financial officers for not setting aside enough money for cyber defenses. The chief information officer begins to look for a scapegoat further down the supply chain. Maybe they fire a low-leve

COVID-19 may have given cybersecurity talent retention an artificial prop up over the last two years. For example, job satisfaction was on a downward trend from 2018 to 2019, but with the pandemic came a plateau in 2020 and 2021. Was the plateau due to newfound satisfaction or were there other factors, such as economic instability, lockdowns and mandates? I

Does the left hand know what the right hand is doing? Or does even the left pinky know what the left ring finger is doing? Problems can easily arise when policies, including cybersecurity ones, end up being out of sync with business, technical, legal or regulatory requirements. The situation becomes even more severe when policy drafters end up with some str

As businesses embrace more remote users and a hybrid work model, managing user identity and access is more important than ever. Add authentication for millions of third parties and non-employees, and thousands of applications and IoT devices to the mix and you start to understand how important identity and access management (IAM) is.  What Exactly Is I

Today’s Security Operations Centers (SOCs) are being stress-tested as never before. As the heart of any organization’s cybersecurity apparatus, SOCs are the first line of defense, running 24/7 operations to watch for alerts of attacks and appropriately address those alerts before they become all-out crises. Yet with ransomware attacks maintainin

As we celebrate Earth Day 2022, companies around the world, including IBM, are continuing broad investment in efforts to combat climate change and strive to bring new ideas to the world in support of sustainability and to make the world a better place for future generations. While the connection between cybersecurity and the environment is not clear to many

This is a time of major changes for businesses and agencies. That includes the move to the cloud and the shift to being digital-first. So, cybersecurity has moved to a front-and-center position in many companies and industries. When talking about security, it’s easy to focus on the tools and technologies. After all, they’re what we use to keep a

Staffing for cybersecurity has always presented a challenge. But with the old skills shortage combined with the new “Great Resignation,” hiring the right candidates has never been more important.  The first step in looking at any prospective hire is to review resumes. People often don’t appreciate this process. It’s easy, f