Logical Security

RSS

McKinsey & Company reports that most risk managers at large organizations are flying blind when it comes to evaluating their cyber resilience due to bloated reporting processes and overly complicated reporting tools. Here's how organizations can implement a risk-based approach to their cybersecurity controls.

The daunting threats and attack techniques from 2020 are expected to continue into this year.  And while 2021 offers a fresh start, cybercriminals will continue to become increasingly savvy,  deploying a wide range of techniques to extort, disrupt, and infiltrate organizations. Now more than ever, government and corporate leaders and consumers must become engaged in ensuring effective cybersecurity strategies are in place. Here are eight steps organizations can implement to heighten cybersecurity governance:

As we think about adapting our cybersecurity training to be more realistic, applicable, and effective, what are some things you should definitely keep and what are some things you should lose in your current security training?

Board members and C-suite executives around the globe are most concerned in 2021 with risks associated with COVID-19-related government policies and regulations, economic conditions that may restrict growth and market conditions that may continue to impact customer demand, according to a new survey from Protiviti and North Carolina State University. Amid these near-term headwinds, when asked about top concerns through 2030, business leaders cite challenges that ultimately ladder up to talent. High ranking risks – including the adoption of technology that requires new or upgraded skills, rapid innovation that threatens business models and the reimagining of creative strategies – point to a need to attract and retain top talent and invest in reskilling and upskilling workforces to ensure agility and resilience in the future. 

While it might not feel like it right now, the kind of root-and-branch assessment of cybersecurity budgets necessitated by the pandemic might, overall, be a positive development. Many firms haven't looked at their budgets and the assumptions they are based on for many years. This review has been long overdue.

As vaccine distribution continues through 2021, the companies managing the process must proactively think about their current risk level, how they can decrease that risk, and how they can strengthen their security posture moving forward.

File-sharing services, such as Google Drive, DropBox and personal OneDrive folders, also pose significant risk to the corporate network. The additional layering effect of file-sharing service — such as multiple shares of a potentially malicious file through a chain of services — create an additional layer of complexity and risk.