Articles Tagged with ''risk management''

To address the threat cybercriminals and foreign adversaries pose to DOD data, the department recently introduced the Cybersecurity Maturity Model Certification (CMMC). What is the CMMC, what does it consist of, and is it worth the expense? 

As threats evolve from emboldened and increasingly sophisticated malicious actors targeting critical infrastructure, the electric sector has developed a holistic and shared-responsibility approach that has supported key improvements to the security posture and culture of electric companies.

Salt Labs found that nearly every organization using Elastic Stack is affected by a new vulnerability, which makes users susceptible to injection attacks. Bad actors can use injection attacks to exfiltrate data and launch denial of service (DoS) events.  

In acknowledgment of the wide-reaching effects that damage to critical infrastructure organizations and systems can impart, Security has dedicated our October 2021 issue to Critical Infrastructure Security. This month, our features cover the challenges and risks associated with this market sector, along with solutions and best practices security leaders can take to mitigate some of those risks. Here, we cover a few simple steps critical infrastructure security leaders can take to proactively build a program of resiliency.

On-premises infrastructure has long been considered safer and more securable than its cloud counterpart. An increase in cyberattacks on on-premises systems is challenging this surety. 

Your organization risks compliance and disaster protection shortcomings unless your data management practices catch up with the evolution of information sharing.

By making resilience a priority for an organization, business leaders can reduce disruptions and lessen the consequences from risks that may materialize. To build a framework for the future, considerations must include preparedness, hazard mitigation, insurance and resilience in the context of emerging risks.

National Cybersecurity Awareness Month (NCSAM) is now in its 18^th year. The theme for 2021 is ‘Do Your Part. #BeCyberSmart,’ helping to empower individuals and organizations to own their role in protecting their part of cyberspace.

9/11 had a transformative effect on security risk management, just as COVID-19 has on healthcare. The risk of terrorism had come directly into business operations, impacting employees as it never had before. Duty of care came to the fore with regards to security risks, both from a legislation perspective and the growing responsibility for corporates. 

How long does a cybercriminal’s timeline usually take? What are their moves? And what tools do they usually employ? To answer these questions, it helps to think like a hacker.