Articles Tagged with ''enterprise security''

Addressing security risks of personal business in the workplace

Part 2

February 24, 2021

There are numerous solutions organizations can implement to mitigate risks associated with employee use of corporate connected devices in the execution of personal business. In this article, we will delve a bit deeper to explain the pros and cons of implementing a few of the more common solutions. It is important to note, that regardless of the solution, an effective awareness and training program for employees is the number one most effective safeguard for your organization.

Risk and compliance: A 2021 comeback strategy

Haywood Marsh

February 18, 2021

If the experiences of 2020 taught us anything, it’s that risk in the modern world cannot be understood or sufficiently mitigated with a siloed approach. Individual threats, such as regulatory risk and IT security, converge. Lacking a high-level view, it’s difficult to see the web of cause and effect – making it more difficult to anticipate, prepare, or mitigate the biggest risks. 2020 may be over, but the challenges remain in 2021. Compliance and risk management will need a shared umbrella of information and communication to tackle the complex, integrated risks of today’s landscape.

Security presents the Cybersecurity and Geopolitical video podcast or vodcast for all security and risk and resilience professionals at the enterprise level

Security presents the Cybersecurity & Geopolitical video podcast

February 17, 2021

Listen to Ian Thornton-Trump, CISO of Cyjax, and his talking partner Tristan de Souza as they ruminate on some of the biggest issues in cybersecurity and geopolitics each and every month in this highly informative and entertaining video podcast. This month's episode looks at whether U.S. President Joe Biden has committed sufficient resources to cybersecurity; discusses ‘the Putin problem’; ponders about phishing in a pandemic; and talks about the GameStop blow-up.

Merging security compliance and DevOps

Ray Kruck

February 10, 2021

A more foundational goal is to make security and compliance part of the development process from the start. This is a transition that requires DevOps to bring along risk, security and compliance teams into the shared responsibility of making the organization resilient to change. But bringing the idea of shared responsibility to fruition can be difficult because there is a natural tension between DevOps and SecOps, as they have different charters and cultures. DevOps can be seen as more of a do culture (Atlassian calls this a “do-ocracy”) and SecOps can be seen as a control culture and they are inherently in conflict. To fulfill the promise of teaming for shared responsibility, DevOps and SecOps should align on three key objectives: collaboration, communication and integration.

Security teams navigate remote work challenges

Approximately a year after the COVID-19 pandemic pushed organizations around the world to remote and hybrid work, this new way of working will be a mainstay for professional life in some form. Learn how security leaders are navigating their jobs remotely as they pivot to protect facilities, assets, employees and data.

Maria Henriquez

February 3, 2021

With the shift to remote work increased due to the COVID-19 pandemic, security teams working remotely poses its own set of challenges. Learn how security leaders are navigating remote work challenges in their workplaces.

5 minutes with Alan Duric – Security, privacy and more

Maria Henriquez

January 20, 2021

We talk to Alan Duric, co-founder and CTO/COO of Wire, a secure collaboration platform, about the various threats facing enterprises today, as well as how organizations can protect their employees and assets, and why organizations (and vendors) need to make a fundamental change to how they operate by implementing better security, technology, and approaches to build a security-first infrastructure.

Global business risks for 2021 all relate to COVID-19 pandemic

COVID-19 trio tops global business risks for 2021

January 19, 2021

The 10th Allianz Risk Barometer 2021 survey reports potential disruption and loss scenarios companies are facing; this year's top three business risks all relate to the coronavirus pandemic: business interruption (#1 with 41% responses); pandemic outbreak (#2 with 40%) and cyber incidents (#3 with 40%).

NSA releases guidance on encrypted DNS in enterprise environments

January 18, 2021

The National Security Agency (NSA) has released an information sheet with guidance on adopting encrypted Domain Name System (DNS) over Hypertext Transfer Protocol over Transport Layer Security (HTTPS), referred to as DNS over HTTPS (DoH). When configured appropriately, strong enterprise DNS controls can help prevent many initial access, command and control, and exfiltration techniques used by threat actors.

Why outbound email is your organization's biggest security risk

January 18, 2021

On average, organizations experience 180 incidents involving sensitive data, or one every 12 working hours, according to Egress. The three top causes of outbound email data breaches include: the wrong recipient added, wrong file attached or replying to a phishing scam.

Here are the top political and security risks for 2021 that your organization needs to take prepare for

Organizations must prepare for these 2021 security risks now, or may fail to make it in a post-COVID world

Maggie Shein

January 12, 2021

According to global risk consultancy Control Risks’ annual forecast of political and security risks to help businesses prepare for the challenges next year will bring, there are a handful of important ongoing threats into this year that all risk managers and security leaders should be aware of.

The 2026 threat environment will be louder, faster, and more interconnected. The most pressing risks, from global political volatility to emerging tech disruptions, will challenge organizations to act amid ambiguity and protect credibility in an era of accelerating uncertainty.