HackDig : Dig high-quality web security articles for hacker

Risk Governance: The True Secret Weapon of Cybersecurity

This season’s featured cybersecurity nightmare may be ransomware, but breaches of all kinds are going up in both numbers and cost. In response, security vendors are offering sophisticated — and costly — solutions to defend against evermore sophisticated attackers. However, the most effective protective measures have nothing to do with specific software
Publish At:2017-09-08 10:00 | Read:226 | Comments:0 | Tags:Risk Management Access Governance Access Management Cybercri

Shrink Your Enterprise Cloud Computing Security Concerns With a Cloud Vendor Risk Management Program

According to a recent Forrester report, enterprise cloud computing adoption accelerated in 2016 and will do so again in 2017. Software-as-a-service (SaaS) remains the largest portion of the public cloud market, with global spending expected to reach $105 billion in 2017 and $155 billion by 2020. Infrastructure-as-a-service (IaaS) and platform-as-a-service (
Publish At:2017-08-22 09:30 | Read:240 | Comments:0 | Tags:Cloud Security Risk Management Cloud Cloud Adoption Cloud Co

Assessing Risks and Remediating Threats With a Layered Approach to Vulnerability Management

Companies need to do more than just scan for known problems and provide huge vulnerability reports to system and network administrators for remediation. According to Gartner, known vulnerabilities still comprise 99 percent of all known exploit traffic. Furthermore, malware, ransomware and exploit kits target vulnerabilities that are six months or older on av
Publish At:2017-08-09 07:50 | Read:252 | Comments:0 | Tags:CISO Risk Management Security Intelligence & Analytics Patch

Master the Basics to Manage IoT Security Risks

The very term Internet of Things (IoT) can sound like the buzziest of buzzwords. We all know we need to be aware of and plan for it, but sifting through all the security guidance about the IoT can be overwhelming. Moving Beyond Buzzwords To help cut through the noise, IBM released a new report, “Smart Things Call for Smart Risk Management,” detai
Publish At:2017-08-04 01:45 | Read:366 | Comments:0 | Tags:Mobile Security Risk Management Cognitive Security Connected

Caveat Emptor: Identifying Insider Threats Acquired From Mergers and Acquisitions

With all the industry studies, articles and literature related to insider threats, it is baffling to see that very few have focused on how insider threats are acquired — in fact, paid for — during a merger and acquisition process. Organizations are so fixated on driving profits and staying competitive that they gobble up any tangible asset they can. Compani
Publish At:2017-08-02 12:30 | Read:342 | Comments:0 | Tags:Risk Management Acquisition audit Insider Threat Risk Risk A

Four Ways CISOs Can Play a Key Role in Educating Top Leadership About Cyber Risks

“There are known knowns; there are things we know we know. We also know there are known unknowns; that is to say we know there are some things we do not know. But there are also unknown unknowns — the ones we don’t know we don’t know.” — Donald Rumsfeld, former U.S. Secretary of Defense Board directors are under pressure to demonstr
Publish At:2017-06-28 14:55 | Read:469 | Comments:0 | Tags:CISO Risk Management Chief Information Security Officer (CIS

In Search of Equilibrium: Compliance and Security

The Moody Blues searched for the “Lost Chord,” Captain Kirk searched for Spock and the “In Search Of” television show sought to solve unexplained mysteries. Similarly, IT and security professionals are always searching for solutions that can balance myriad standards and regulations against a continuously evolving threat landscape. A
Publish At:2017-06-21 17:10 | Read:461 | Comments:0 | Tags:Data Protection Compliance Data Privacy immune system Privac

Disposable Computing is the Answer to Cyber Security for Business

Disposability has become a regular thing in our lives; but you may have taken for granted the value it brings. Cost, convenience and risk are the cornerstones of successful disposability. Disposable computing offers a solution to cyber security and provides you with valuable threat information. This is the first in our two-part series on disposable computi
Publish At:2017-06-21 04:35 | Read:364 | Comments:0 | Tags:Innovation computing convenience cost disposable end users I

Security Awareness: How to Make Your Weakest Link Part of Your Defense

While the origin of the recent WannaCry exploit is still under investigation, there is no doubt that humans remain the weakest link in the chain of defense against cyberattacks. According to the IBM X-Force Threat Intelligence Index, human factors play a major role in various types of attacks. While it’s easy to blame users, many overlook the fact th
Publish At:2017-06-05 14:15 | Read:701 | Comments:0 | Tags:CISO Risk Management Chief Information Security Officer (CIS

Don’t Sit Back and Wait for Security Risks to Disappear

Risk management is the essence of what we do as information security professionals. We identify key security risks and analyze those risks in the context of the business. We then communicate the confirmed or potential outcomes to management. Finally, we decide — or wait for decisions — on how to respond. Misguided Decisions Many security challenges begin at
Publish At:2017-05-24 19:10 | Read:420 | Comments:0 | Tags:CISO Risk Management Chief Information Security Officer (CIS

Traditional Approaches to User Security Training Are Creating Unnecessary Risks

There’s huge gap in most security programs. No, it’s not the lack of management buy-in, limited budget or underimplemented technical controls — it’s weaknesses in your user security training program. There is a widespread assumption that policies can be documented and then tucked away, only to resurface every year or two when people sign of
Publish At:2017-05-19 10:05 | Read:446 | Comments:0 | Tags:CISO Risk Management Risk Security Awareness Security Leader

A Fast Start to Your Security Immune System

There has been a lot of talk about the importance of building a holistic security immune system. That is, an intelligent, integrated way to protect a network using information from many different sources, all of which is ingested by powerful analytics tools to help correlate, prioritize and act on security incidents. When I put together security transformati
Publish At:2017-05-14 01:10 | Read:464 | Comments:0 | Tags:CISO Network Risk Management Compliance Data Protection immu

Signatures Not the Root of Prevention

Faulty file definitions strike once again! On April 24, anti-virus provider Webroot issued an automated update to its signature definitions. This inadvertently quarantined hundreds of critical customer files and applications that it erroneously flagged as malicious. At one time or another, it seems that every anti-malware endpoint security provider has fal
Publish At:2017-05-13 12:35 | Read:418 | Comments:0 | Tags:Breaking News anti-virus file-based updates Isolation malici

Building an Effective CISO-CIO Partnership

For many, the most common reporting structure in today’s business environment is overly complicated. The majority of security leaders around the world report directly to the chief information officer (CIO), which can cause an enormous amount of conflict. That reporting structure, however, is slowly changing for some companies. In those organizations,
Publish At:2017-04-27 01:10 | Read:725 | Comments:0 | Tags:CISO Government C-Suite Chief Information Officer (CIO) Chie

The Sky Is the Limit: Assessing the IoT Impact on Businesses

The Internet of Things (IoT), in which all manner of devices and things are connected, is enabling digital transformation in many walks of life. It’s also heralding the promise that we will soon live in hyperefficient smart cities. But how does this affect business? A recent report from The Economist Intelligence Unit (EIU) gauged the current IoT impac
Publish At:2017-04-19 09:05 | Read:544 | Comments:0 | Tags:Network & Endpoint Risk Management Connected Devices Connect


Share high-quality web security related articles with you:)


Tag Cloud