Security Leadership and Management

RSS

Some opportunistic cybercriminals have taken advantage of the pandemic environment to breach both consumer and organizations’ data. These cybercriminals are using COVID-19-themed emails as an opportunity to unleash ransomware attacks on organizations and consumers. Here, we focus on Remote Workforce and Remote Learning as areas that cybercriminals will continue targeting in 2021 and beyond, and explore mitigation strategies that may help reduce cybersecurity risks related to these areas.

According to the U.S. Department of Justice’s Office of Victims of Crime, workplace homicides declined between 1995 and 2015. Yet workplace homicides are not the most common form of workplace violence — simple assault is. Simple assault is defined by the National Crime Victimization Survey (NCVS) as an attack without a weapon that results in no injuries or minor injuries (e.g., cuts, scratches, black eyes), or any injury requiring fewer than two days in the hospital.

Galvanize announced new findings from a national survey of governance, risk, and compliance (GRC) professionals that position the 2020s as the decade when the GRC industry embraces advanced technology. The data uncovered a strong post-pandemic push toward the adoption of cloud-based technology and revealed the critical value GRC professionals bring to the C-suite, as well as the top concerns from, and the evolving role of, GRC professionals. 

Help us recognize the unsung heroes of the security industry by nominating a security leader to be named one of Security magazine's 2021 Most Influential People in Security!  We are looking to highlight enterprise security executives, who through their own organizations and externally, have made significant and influential contributions to the enterprise security profession, continue to push security forward both inside their own organizations and in the industry as a whole.

FICO, a global analytics software company, appointed Ben Nelson as Chief Information Security Officer (CISO). 

Anyone with access to your organization — employee, contractor, former employee, etc. — poses a potential risk to the enterprise. So, what is insider threat; who should own an insider risk mitigation program within the enterprise; and most importantly, how can security leaders assess and mitigate the risk?