HackDig : Dig high-quality web security articles for hackers

Plights of the Round Table – Strategic Lessons from the Casino

In Part 1 of the Plights of the Round Table, the executive staff of Camelot was working on the strategic plan for the following year. Morgan, the CEO, needs to decide how to spend her limited budget for the best interest of Camelot. Lana, the VP of Sales, thinks they should invest in horses for their knights. Susan, the CISO, would rather the money go to upgrad
Publish At:2020-02-09 10:22 | Read:537 | Comments:0 | Tags:Risk-Based Security for Executives CISO Risk Management vuln

The Importance of a Strategic Response to Cyber Incidents

There are a variety of ways a company can experience cyber incidents, ranging from a distributed denial of service network attack to internal information theft. The first response is usually to enlist incident response professionals to resolve the issue as quickly and efficiently as possible. However, there are several factors companies should consider in det
Publish At:2017-03-21 08:55 | Read:4903 | Comments:0 | Tags:Featured Articles Risk-Based Security for Executives data br

Risk Management: Aligning Information Security Activities with the Enterprise

In any organisation, even the most uncomplicated business decisions have their associated risks. Such risks involve people, processes and technology, and they must be systematically identified and addressed on time and on budget. Risk management, as we know, is a process through which the uncertainties around delivering an objective are managed. Information Se
Publish At:2016-11-22 05:30 | Read:8253 | Comments:0 | Tags:Featured Articles Risk-Based Security for Executives Enterpr

How We Can Turn the Tide on Cyber Security in 2016

By any measurement, 2015 was another bad year for the world in terms of cyber security. Despite record spending of more than $75 billion USD, losses were still estimated to be around $400 billion, with some firms predicting losses will grow to over $2 trillion by the end of 2020. But 2016 doesn’t have to be another losing year for cyber security professionals
Publish At:2015-12-31 01:30 | Read:2774 | Comments:0 | Tags:Risk-Based Security for Executives cybersecurity risk securi

Security 101 for CEOs

There are important security lessons for CEOs following the embarrassing revelation that a teenager hacked into the personal email accounts of CIA Director John Brennan and Homeland Security Secretary Jeh Johnson. This isn’t the first nor will it be the last time that people hack into accounts using a variety of techniques; it illustrates the lengths t
Publish At:2015-11-12 02:40 | Read:4473 | Comments:0 | Tags:Featured Articles Risk-Based Security for Executives ceos CI

Takeaways From The 2016 PwC Global State of Information Security Survey

Now in its 18th year, The Global State of Information Security® Survey 2016 – a worldwide survey by CIO, CSO and PwC – observes a fundamental shift in the way business leaders are responding to today’s biggest security challenges. Recognizing the rising cyber risks, a growing number of boards and executives are taking action to improve their organization’s se
Publish At:2015-10-23 14:30 | Read:4817 | Comments:0 | Tags:Connecting Security to the Business Featured Articles Risk-B

Understanding External Security Threats

Cyber security is now a board-level risk across the entire spread of industry. However, it is a broad subject with a large number of unknowns, and some might say there’s no real way to ever discover or quantify those unknowns. Unfortunately, this can result in cyber security being poorly understood and boards vulnerable to being misled by ‘snake-oil’ so
Publish At:2015-10-07 13:20 | Read:5285 | Comments:0 | Tags:Featured Articles Risk-Based Security for Executives Defense

A Security Wake Up Call for Chief Information Officers

The nation is in the midst of a torrent of major data breaches. The most recent breaches include the Ashley Madison breach, the Office of Personnel Management breach, and the theft of millions of dollars from small- to mid-size businesses. In addition to the financial impacts, the breaches include the release of personal data including social security number
Publish At:2015-09-07 07:25 | Read:4201 | Comments:0 | Tags:Featured Articles Risk-Based Security for Executives Ashley

In the Trenches: Helen Patton, Ohio State University CISO

I was recently quoted in eCampus News regarding the recent cyber attack against Penn State, which triggered a number of conversations with CISOs at various academic institutions. One of these conversations was with Helen Patton, the Chief Information Security Officer for Ohio State University. I had a very interesting dialogue with her via email, and a
Publish At:2015-06-30 05:20 | Read:3332 | Comments:0 | Tags:Risk-Based Security for Executives CISO Penn State security

People Are The Problem (And Solution)

Reading through the Verizon Data Breach Investigations Report (aka DBIR), the amount of information about last year’s breaches is daunting. Let’s look at one category of the report—Phishing. Teach a man to phish? Why did I focus on phishing? Because it is on the mind of a lot of CISOs these days. As we know, quite a few high-profile breaches have c
Publish At:2015-04-15 00:45 | Read:4702 | Comments:0 | Tags:Risk-Based Security for Executives Security Awareness Data B

IT and Security Professionals Confident in Foundational Controls

In Tripwire’s recent survey of IT professionals and executives, respondents reported high confidence in both the value and the application of basic, foundational security controls—accurate and complete hardware and software inventory, system hardening through secure configurations and patch and vulnerability management—in their enterprises. From the perspecti
Publish At:2014-11-10 13:35 | Read:3468 | Comments:0 | Tags:Connecting Security to the Business Risk-Based Security for

Why Executives Love Security Boiled Down To Red, Yellow and Green

Last week, I was in a meeting with about a dozen senior executives discussing The 20 Critical Security Controls. These were once known as the “SANS Top 20” and have been taken over by the non-profit Council on Cybersecurity to provide independent stewardship of these excellent controls. The 20 Critical Security Controls is a prioritized list – the first f
Publish At:2014-09-18 00:00 | Read:4670 | Comments:0 | Tags:Connecting Security to the Business Featured Articles Risk-B

Boards Should Worry, Too: 5 Corporate Principles to Better Cyber Risk Oversight

One of the biggest challenges facing heads of information security is the ability to effectively communicate the value of their team’s efforts across the organization, especially to the decision-making executives that lack the technical understanding of the cybersecurity threat and risk landscape. In an effort to reduce the knowledge gap and raise awareness a
Publish At:2014-08-10 14:08 | Read:5114 | Comments:0 | Tags:Connecting Security to the Business Risk-Based Security for

