The likelihood that companies will experience a security incident continue to rise every year. While most organizations have put a data breach preparedness plan in place to combat such incidents, most executives aren't updating or practicing the plan regularly, according to study released earlier this month."When it comes to managing a data breach, havin

Aiming to help its members increase their cyber resilience, the Information Security Forum (ISF) today launched its global ISF Consultancy Services, focused on providing short-term, professional counsel to support the implementation of the non-profit association's resources and products."We're providing practical support to use the ISF tools either on a

When you hear the phrase "getting ahead of shadow IT," it typically comes from a CIO who is implementing new technologies so that employs won’t take it upon themselves to purchase tools. But you don't expect such proactive practices from an enterprise's information security team, which a CIO often enlists to place a moat around corporate assets.

Two high-profile airline technology meltdowns stranding thousands of travelers in the recent weeks have prompted two US senators to push carriers to bolster their technology.Senators Richard Blumenthal (D-Conn.) and Edward J. Markey (D-Mass.)this week sent a letter to the most recent offenders -- Delta and Southwest -- as well as 11 other airline

Most companies fail to secure the "keys to the kingdom," according to a new benchmark survey .Last week, privileged account management (PAM) specialist Thycotic and research firm Cybersecurity Ventures released their 2016 State of Privileged Account Management security report, based on the responses of more than 500 IT security professionals who

IT decision-makers who have responsibility for security believe security teams are brought in too late to have a meaningful effect on digital transformation initiatives, according to a new study.Dimensional Research, commissioned by by Dell, recently surveyed 631 IT decision-makers with responsibility for security from companies with 1,000 or mor

Maybe you have heard these words: “Cybercrime is big business.” Big business indeed. For the hackers that is. The 2016 Trustwave Global Security Report shows how hackers launching a malware infection campaign could expect to earn a breathtaking $84,100 in profit from an initial investment of just $5,900. This represents a return on investment of

New Omni Hotels & Resorts CIO Ken Barnes is mulling how to shore up corporate defense in the wake of a cybersecurity attack that impacted 48 of its 60 hotels in North America. Barnes, who started in May, of course says he plans to improve the protection for Omni's payment processing systems. New defenses could include analytics that detect an

Digital transformation. It's a reality that few companies today can escape. For some, the process is well underway. For many others, it's an oncoming inevitability. Whichever side of the gap your organization is on, you're probably facing a "security effectiveness gap" as the process brings more users, devices and applications online, creating an

“Data governance applies to everything that we do,” shared Janice Haith, Department of Navy’s Deputy CIO. And, being responsible for complex, mission-critical initiatives such as enterprise architecture, software licensing, information assurance, data and help desk consolidation, and compliance, to name a few – means there is a lot of data to be dealt wi

Employee-related security risks top the list of concerns for security professionals, but organizations aren't doing enough to prevent negligent employee behavior, according to a new study.Last month, security research firm Ponemon Institute, sponsored by Experian Data Breach Resolution, surveyed 601 individuals at companies with a data protection and pri

Many companies are striving to be more agile, efficient and productive in response to uncertain economic conditions in 2016.  Capital projects have been cancelled while companies shift their attention to surviving in the current environment without hindering their ability to expand in the future. Functional areas are facing significant pressure to cut co

When it comes to security, insider threats are an unfortunate fact of life. But if you're thinking only about combatting malicious insiders, you may be miscalculating the risk."The insider threat is much broader," says Steve Durbin, managing director of the Information Security Forum (ISF), a nonprofit association that assesses security and risk manageme

What are clouds?That's a question a child might ask, but for CIOs today, the answer centers on a completely different meaning. Top tech chiefs and company executives are trying to figure out how to use cloud technology and to what degree it should be part of their company strategy.Without a doubt, statistics show the cloud can no longer be ignored:Accord

Last year began and ended with a series of high-profile cybersecurity attacks, starting with the pilfering of 80 million Social Security records at health insurer Anthem and culminating with infiltrations at Starwood, Hilton and Hyatt hotel chains. Expect digital assaults, -- ranging from standard malware to more sophisticated, clandestine entries -- to