Articles Tagged with ''cybersecurity preparedness''

The Long and Winding Road to Cyber Recovery

June 1, 2017

Paul McCartney wrote “The Long and Winding Road” while the Beatles were in the throes of dissent and months away from breaking up. Listening now to the song’s yearning lyrics and plaintive melody, is it possible that Sir Paul actually anticipated the NIST Cybersecurity Framework’s Recover function, and was imagining the category titled Recovery Planning?

74 Countries Hit by Massive Wave of Ransomware

May 12, 2017

Security researchers have recorded more than 45,000 cases of ransomware in the past 10 hours alone, most of which are taking advantage of a Microsoft vulnerability.

Three Senators Introduce Bill to Enhance Cybersecurity

March 13, 2017

U.S. Senators John Cornyn (R-TX), Patrick Leahy (D-VT), and Ted Cruz (R-TX) have introduced the National Cybersecurity Preparedness Consortium Act to authorize the U.S. Department of Homeland Security to work with the National Cybersecurity Preparedness Consortium (NCPC) to help prepare for and respond to cybersecurity risks at the national, state, and local levels.

Why 'Low Severity' Vulnerabilities Can Still Be 'High Risk'

The Hazards of Focusing Only on Fixing 'High' and 'Critical' Severity Vulnerabilities

Christopher Camejo

November 22, 2016

It’s not that fixing Critical and High-Severity vulnerabilities is the problem; it’s that the Medium and Low severity vulnerabilities can pose significant risks as well. For any given vulnerability, we need to distinguish between its severity and the risk that results from it being present on a particular system on our network.

7 Strategies to Defend Against Supply Chain Risks in the Digital Era

Javvad Malik

November 8, 2016

Even brick and mortar companies are increasingly leveraging the internet and cloud services to expand their business. As traditional business models have changed to incorporate these resources, the security risks presented have evolved as well. In today’s world of digital business, the security risks faced by the majority of companies have largely shifted into the cyber realm.

Michael Bruemmer

November 8, 2016

Being adequately prepared to respond to a data breach is an ever-changing game – new threats are emerging, new regulations are being put into place and companies must regularly re-evaluate their response plans to ensure they are applicable to today’s threat landscape. Unfortunately, many companies are not reviewing and updating their plans frequently enough – in fact, only 25 percent of companies say they update their response plans once or twice a year. Not to mention that no matter how well prepared and updated a company’s plan is, an actual live breach response can present unforeseen challenges that cause companies to stumble.

Gary Gagnon: Unique-ness

Mark McCourt

November 1, 2014

Many organizations protect their cyber infrastructure by looking inward, focusing on their own networks and systems. They dedicate themselves to reducing the attack surface, assessing their vulnerabilities, and conducting system patching – all to continuously monitor their own networks.

How Y2K Changed the Field of Cybersecurity Technology

Scott Ackerman

October 24, 2014

When looking at the cyber technology market over the past 15 years, it is evident that the catalyst for cyber evolution was Y2K. Prior to the Y2K frenzy, “cybersecurity” was masked in the systems engineering function, and external threats consisted of hackers looking to leverage free computing capabilities with very little focus on information/data access or network destruction.

How Has Cybersecurity Changed Operations?

Maryann Hirsch

October 17, 2014

No operational discussion can start without a look at budgets, and how organizations plan for, and procure, cybersecurity services and solutions. And who is responsible for that budget?

The Changing Cybersecurity Landscape

First of a Four-Part Series for National Cyber Security Awareness Month

Dusty Wince

October 8, 2014

From an executive-level perspective, the greatest shift in cybersecurity relates to the focus and the responsibility – moving from strictly an “IT issue” to one of a business function. Look no further than the Target breach and the subsequent resignations of the company’s CEO and CIO to see how cybersecurity has escalated to the C-suite. This was unprecedented 15 years ago, when the primary cybersecurity role of IT was information assurance. So why has the philosophy changed?

Organizations continuously monitor their networks and systems for risk, yet the people with legitimate access are often the least monitored part of the model. Discover a Workforce Risk Intelligence Framework that adds a dedicated layer focused on workforce risk.

In today’s higher education environment, where institutions face evolving and multifaceted incidents, safety must be embedded into the fabric of campus culture. Learn strategies for generating collective buy-in from faculty, staff, students and senior leadership.