How has Kristin Lenardson, Vice President of Managed Risk Services at WorldAware, successfully transitioned from the government to the private sector, managed and built travel security programs and advanced in the security world?
Here is a list of free resources, guides, frameworks, services and products to help enterprise security to navigate the coronavirus pandemic. If your organization is offering resources and products at no cost, please email email@example.com to be included.
After being exposed to countless traumatic events, first responders often struggle with PTSD and mental health disorders. Beyond extending workers compensation benefits, what more can we do to help first responders?
In spite of this cyber war and in an effort to be first to market, many companies still rush their products out while ignoring proper security integration during development which can lead to disastrous side effects for businesses. Costing them valuable data, reputation, money and time to amend their product weaknesses. Companies can spend a great deal of time and money developing security patches, repeatedly rolling back and implementing updates, and buying other technologies to secure their own offering. This cycle can potentially continue for years releasing cures to the latest aliments while fearing the next hit.
Looking back at cybercrime incidents of the past 10 years, only the questions of "if" and "when" remain. "If" a business has no active cybersecurity policy and processes even just hundreds of rich customer records, "when" becomes soon enough. For the past 10 years, at least eight large-scale data breaches per year have trembled economies. You’d imagine that as business owners, we would have learned the immense value of the digital data we hold. The Ponemon Institute says that just in the US, the average size of a data breach is 25,575 records with a cost of $150 per record on average. That could be the money you would have paid in damages, as a government fine, and potentially in customer lawsuits.
Attribution is often regarded as a primary goal within a cybersecurity investigation, but as John McClurg, CISO at Blackberry, explores here, conclusive attribution should at times exist as a secondary consideration - one abandoned if the ROI doesn't justify its expense.