Every chief information security officer (CISO) faces ongoing threats to his or her company’s assets. While some threats apply to every industry, IT security specialists in the health care, financial services, and energy and utilities sectors need to pay more attention to industry-specific security risks. Although these threats are most prevalent in th

In health care, cyberthreats pose a substantial risk to patient safety, systems of care and business continuity. The security of electronic medical information has a tremendous impact on data access, which directly affects quality of care, patients’ rights to privacy and the professional standing of health care organizations. Practitioners can only mak

There are two popular attitudes about cloud security, and both of them are wrong. One belief is that putting data in the cloud amounts to putting it on the public internet for anyone to access. Therefore, the only way to keep data safe is to keep it at home and out of the cloud altogether. The opposite belief is that cloud providers cover their own bases wel

As The Wall Street Journal recently pointed out, some clients of cloud service providers such as Amazon and Microsoft are accidentally leaving their cloud databases exposed due to misconfigurations of their services. Coupled with recent headline-making breaches, it’s becoming clear that the greatest risks to an organization might come down to a simple

Your mission, should you choose to accept it, involves the identification and protection of the Personal Data of residents in the European Union (EU). You may select key data security solutions to aid you. You have only eight months to complete this mission. Continue reading for specific steps to take. This message will self-destruct in 10 seconds. Sound int

The health care market is quite heterogeneous, and as a result, each organization has a unique set of cybsersecurity needs and characteristics. The industry includes hospitals of all sizes, local doctoral consortia, public health care institutions and individual physicians. Naturally, health care security risks vary depending on the size and type of organiza

The art and science known as risk management has been around for years. It is applied in a broad array of areas, including insurance, credit risk ratings, stock and other market risk ratings, foreign policy decisions, military responses and many others. The true irony is that, although risk management has been applied to many aspects of IT, such as change ma

We all do it. We look at a deadline that’s months away and we tell ourselves we’ve got lots of time to think about it. In fact, that’s probably what you thought when you first heard about the European Union (EU) General Data Protection Regulation (GDPR), which takes effect May 25, 2018. Even now, it’s still months away — right? So w

Critical digital and physical assets are becoming increasingly vulnerable due to accelerated connectivity, differing global regulatory requirements, joint ventures and business partnerships and security weaknesses within complex multinational supply chains. These factors have led to a rise in insider threats for enterprises across all industries. An insider

As public administrators have learned, efficiency in government is largely a matter of executing the small things well. A saved mailing expense or avoided delay can add up to a lot more work for a lot less tax money, which is one practical definition of good government in action. One example of this process is a current U.S. Census Bureau initiative to imple

Every day, organizations rely on security information and event management (SIEM) solutions to protect, control and monitor their technology infrastructures. These platforms serve as early detection tools for security threats. But how can security professionals validate that their SIEM systems are properly configured and aligned with the organization’s

The purveyors of modern threats are not trying to simply deface your website or own your web server. These advanced attackers are attempting to siphon critical and sensitive data from your network over long periods of time, and do so undetected. Where Is Your Data? When threat hunting, at a minimum, you should know where your critical data is stored and how

The benefits of a comprehensive IT asset management (ITAM) program may seem obvious since it provides the data needed to strategically and tactically manage the life cycle of IT assets from purchase to end of life. Of course, companies can leverage IT asset management to reduce costs, improve operational efficiency, determine the full cost of existing invest

The job of the chief information security officer (CISO) has changed from that of a security services manager to one that has responsibility across the entire enterprise. It has become a leadership position that requires organized thinking and detail-oriented concentration on a consistent basis. Given the rapid expansion and increasing sophistication of thre

Pencils? Check. Notebooks? Check. Web applications and servers patched and sanitized? Hopefully. In many parts of the world, educators and students in primary, secondary and higher education institutions are reviewing their checklists to ensure academic preparedness for the new school year. But what about the education sector’s IT workers? What should