Articles Tagged with ''cyber risk mitigation''

Why 'Low Severity' Vulnerabilities Can Still Be 'High Risk'

The Hazards of Focusing Only on Fixing 'High' and 'Critical' Severity Vulnerabilities

November 22, 2016

It’s not that fixing Critical and High-Severity vulnerabilities is the problem; it’s that the Medium and Low severity vulnerabilities can pose significant risks as well. For any given vulnerability, we need to distinguish between its severity and the risk that results from it being present on a particular system on our network.

Duplicate Alerts Draining Security Analysts' Time

New research shows that 30 percent of analysts' manpower is lost to duplicate alerts.

Garry Fatakhov Yair Stern

November 22, 2016

Essentially, one-third of analysts’ time is being spent on processing alerts that have unknowingly already been processed, and at present SOC teams are left with little ability to make this distinction resulting in massive manpower drain.

Cyberattack Predictions: Are We Getting Them Right?

Eric Basu

November 8, 2016

In 2015, it seemed no one was safe from hackers. The year began with Sony reeling from a hack that put the studio and celebrities such as Seth Rogen and James Franco in a web of geopolitics and extortion. Seven months later came the high-profile Ashley Madison hack, which resulted in the release of the email and physical addresses for 37 million users. Cybercriminals stole $1 billion from banks in 30 countries as part of the Carbanak hack. Even the Director of the CIA wasn’t safe – his AOL email account was hacked by someone claiming to be a high school student.

Michael Bruemmer

November 8, 2016

Being adequately prepared to respond to a data breach is an ever-changing game – new threats are emerging, new regulations are being put into place and companies must regularly re-evaluate their response plans to ensure they are applicable to today’s threat landscape. Unfortunately, many companies are not reviewing and updating their plans frequently enough – in fact, only 25 percent of companies say they update their response plans once or twice a year. Not to mention that no matter how well prepared and updated a company’s plan is, an actual live breach response can present unforeseen challenges that cause companies to stumble.

Cyber Threats - Strategic and Operational Risks

Kevin Coleman

November 2, 2016

The cyber threats we experience today have become frequent, complex and challenging.

Connecticut Names State's First Chief Cybersecurity Risk Officer

October 13, 2016

Connecticut Gov. Dannel Malloy announced the hire of Arthur House as chief cybersecurity risk officer, the first to fill the role for the state.

Assessing Cybersecurity Risk Through CISO and C-Suite Collaboration

Defining an organization's cybersecurity risk is a team effort.

Sean Curran David Chaddock

October 11, 2016

While an organization’s CISO focuses on cybersecurity, they depend on the C-suite to combine business operations and necessary security measures to find success.

Fourth Annual Data Breach Study: Planning Does Not Equal Preparedness

October 5, 2016

Findings from an annual Ponemon study on data breaches showed that while more companies have plans in place, they still lack confidence and are failing to take crucial steps as part of the preparedness process, preventing them from being truly ready for a real life data breach incident.

Want an Ounce of Prevention? Start with a Pound of Detection

Steven Chabinsky

October 1, 2016

It takes months for most computer intrusion victims to learn they were breached. Unfortunately, the hackers get busy much sooner, often stealing data within days if not minutes.

board of directors, cybersecurity, security leadership

Why and How Cybersecurity is Your Board's Business Too

4 Ways to Communicate Security's Value to Your C-Suite

Guy Caspi

August 8, 2016

It’s essential that boards understand the organization’s cyber risks in order to successfully oversee overall company performance. CISOs and CSOs who can clearly convey cybersecurity to the board promotes better navigation of the organization in today’s uncertain cybersecurity world.

Ransomware and the propulsion of the extortion economy has rapidly eclipsed into a national priority. Recently, we observed the catastrophic impact of a widescale ransomware attack impacting gas pipelines and raising national gas prices overnight.

How can security leaders charged with investigations handle the management of interviewers and interrogators, as well as handle interviewing, including dealing with false confessions and misleading information?

Poll

Recruiting Diverse Candidates

View Results

Poll Archive

Products

Effective Security Management, 7th Edition

Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics.

See More Products