The latest edition of the ISMG Security Report features highlights from interviews in 2021 and examines President Joe Biden's executive order on cybersecurity, ransomware response advice and assessing hidden business risks.
Organizations lack a basic understanding of "the landscape of security vulnerabilities," says U.K.-based cybersecurity expert John Walker. He discusses the state of cybersecurity today - including why he prefers the term "verified trust" to Zero Trust - and offers predictions for 2022.
Michael Lines is working with Information Security Media Group to promote awareness of the need for cyber risk management, and as a part of that initiative, the CyberEdBoard will post draft chapters from his upcoming book, "Heuristic Risk Management: Be Aware, Get Prepared, Defend Yourself." This post's chapter is...
The findings from a penetration test can help you identify risks and gaps in your security controls. Charles Gillman offers tips to maximize the value of your next pen test and, in the process, deliver better results.
From the rain forest of northern Brazil to the business hub of Sao Paulo, Marco Túlio has built an impressive career in cybersecurity. He discusses the opportunity and challenge of enabling people to step up, succeed and eventually rise to be leaders in their own right.
Like CISOs everywhere, Dawn Cappelli of Rockwell Automation awoke last Friday to news about the Log4j vulnerability and the risk it posed to her company, customers and partners. Here is how she approached triage, response and capturing insights to be shared with other security leaders.
Once, in another role, Rent-A-Center CISO Jason Fruge was asked by senior management to develop a "security scorecard," but he resisted. What were his objections, and how did he address them? Fruge explains in this exclusive leadership discussion.
The saying "Penny-wise, pound-foolish" is relevant when we talk to those friendly, knowledgeable finance people about ongoing employee screening due to the dreaded insider threat and the costs associated with it - which leads to us pulling out our hair in utter frustration. This rant is about that.
Michael Lines is working with Information Security Media Group to promote awareness of the need for cyber risk management, and as a part of that initiative, the CyberEdBoard will post draft chapters from his upcoming book, "Heuristic Risk Management: Be Aware, Get Prepared, Defend Yourself."
CyberEdBoad excutive member Alan Ng of China Taiping Insurance, Singapore, explains the enterprise risk management strategy for the pandemic era and how the Distributed, Immutable and Ephemeral triad works with the Confidentiality, Integrity and Availability triad to make organizations more secure.
Merger and acquisition activity picked up in September with BitSight, Tenable and Mastercard, all making deals. Moody's became BitSight's largest shareholder after making a $250 million investment in the company.
Key challenges from the recent State of Cybersecurity 2021 report include "integrating risk with maturity and keeping up with industry trends," says Jenai Marinkovic, member of the ISACA Emerging Trends Working Group.
While the U.S. government is making strides in improving the nation's cybersecurity, it needs to do more to protect critical infrastructure from attacks and create public-private partnerships to improve national security, the Cyberspace Solarium Commission notes in a report published Thursday.
By issuing a sweeping cybersecurity executive order on Wednesday, the Biden administration is attempting to take a critical step to address security issues that have come to light after recent cyberattacks. Here's an analysis of the order's key elements.
Effective vulnerability management requires more frequent scanning of infrastructure, says Steve Yurich, CISO at Penn National Insurance, who explains his organization's approach.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing paymentsecurity.io, you agree to our use of cookies.
