National Cybersecurity Awareness month is upon us. And, so is the opportunity to look at what common C-suite misconceptions could be handcuffing security awareness efforts.
As we enter the back half of 2020, now is the time to look at myths and highlight their relevancy in this chaotic year. Which myths are in the modern threat landscape? An
Training your team on security awareness is an essential part of a successful security program. And, new employee onboarding is an optimal time to introduce your staff to your security best practices.
This is in large part due to the fact that they likely won’t know your company’s protocols for secure information nor how to securely navigate int
In the post-COVID-19 economy, cyber risk and cybersecurity will play a central role in unlocking mergers and acquisitions (M&A) deal valuations.
While economic uncertainty has contributed to a decline in M&A activity in the first half of 2020, many analysts expect an increase in deals during 2020-21 based on several conditions.
The Mergers and Acqui
Risk management is an important element in using data to get ahead of cybersecurity risks before they happen. The costs of protecting an enterprise of any size against cyber attacks continue to rise. Once a business truly understands the consequences of an incident, its leaders must decide how to manage the risk. They can choose to accept, reduce or av
The importance of security culture can be seen now more than ever. Many of us work remotely; there are app concerns; and the lines between personal and business use of devices and networks are blurred, challenging our cyber resilience. Therefore, despite all the great tools, frameworks and protective measures in place, we need to ensure people are doin
As cyberattacks become more prevalent and sophisticated, companies must put more faith in their employees to make sure they don’t put data at risk or fall victim to ransomware. But, employees are busier than ever. And, creating a cybersecurity culture at work becomes both more important and more challenging when employees work at home.
Creating a stro
All of us know what a Chief Information Security Officer (CISO) does from afar. A CISO upholds the organization’s overall security by overseeing the operations of the IS practice, the IT security department and related staff. In this capacity, those who become a CISO attain the highest paying job in information security, as it carries the associated responsi
At a time when layoffs are painfully common, now might not seem like a great time to look for a new job or switch careers. Or, is it?
The cybersecurity skills gap has not gone away, and companies of all kinds are in need of people with knowledge in this area. And, it’s not just the wealth of jobs that make a cybersecurity career compelling right now.
Cybersecurity frameworks are notoriously expensive to build and maintain. And, business leaders are frequently dissatisfied with their effectiveness. According to research conducted by the Ponemon Institute, enterprises spend an average of $2.86 million per year on their in-house security operations center (SOC), with more than half of those costs allo
The cybersecurity talent gap is real. The 2019/2020 Official Annual Cybersecurity Jobs Report predicts that there will be 3.5 million security jobs left unfilled globally by 2021. The cybersecurity profession hit a 0% unemployment rate and the pay is good. So, why are security leaders struggling to fill positions? It could be because they are looking for th
This is the first in a blog series that will focus on all phases of security delivery: design, dev/build, test, deploy, operate and learn.
Many organizations are facing new cybersecurity concerns as they look to accelerate their digital transformations for themselves and their customers. At the same time, information technology (IT) and operations are
The current information security landscape is rapidly evolving. According to the latest research from IBM Security and the Ponemon Institute’s 2020 Cyber Resilient Organization Report, 67% of organizations reported that the volume of attacks had significantly increased over the past 12 months. It’s not just the amount of attacks that grew; 64% o
What is cyber resilience?
According to IBM Security’s 2020 Cyber Resilient Organization Report, a cyber resilient organization is one that “more effectively prevents, detects, contains and responds to a myriad of serious threats against data, applications and IT infrastructure.”
In a more colloquial sense, the “further alo
What is an insider threat? Insider threats are users with legitimate access to company assets who use that access, whether maliciously or unintentionally, to cause harm to the business. Insider threats aren’t necessarily current employees, they can also be former employees, contractors or partners who have access to an organization’s systems or d
The Ponemon Institute just released its annual “The Cyber Resilient Organization” report, sponsored by IBM Security. In its fifth year, this study takes an in-depth look at organizations’ ability to prevent, detect, contain and respond to cyberattacks. The report examines changes in cyber resilience and identifies approaches and best practices organizations