Employees and non-employee contractors continue to represent the most critical weak link in the IT chain. Too many employees, and vendors using corporate networks, are still falling for phishing attacks. Enhanced worker training on cyber risks helps, but training coupled with stronger systems offers the best protection against cyber threats.
When it comes to cyber incident management of third-party risks, enterprise security professionals can follow a simplified task list to cover their bases by answering the questions "who, what, where, when, why and how."
Effectively securing an organization’s resources and data requires making user and device identity and access management the new focal point of security. Organizations will need to reconsider their security strategy once again to accommodate staff as they return to the office.
The new bill, the DHS Software Supply Chain Risk Management Act of 2021 (H.R. 4611), will secure the supply chains involved in Department of Homeland Security software contracts by requiring a new certification.
By being an organization of change, executives can not only diversify the talent within security, cybersecurity and IT teams, but also improve the quality of their hires and set their enterprise organizations up to thrive in the future.
The second Voice of SecOps report from Deep Instinct revealed that the average time elapsed before a company responded to a cyberattack was 20.9 hours globally. The report surveyed 1,500 cybersecurity professionals about their top cyber concerns.
Cory Simpson, former Senior Director at the U.S. Cyberspace Solarium Commission and international expert on national security and emerging technology, has joined Resolute Strategic Services as an Executive Vice President.
In Security's latest Women in Security Edition of The Security Podcasts, Meredith Wilson talks about how enterprise security professionals can prepare their organizations for geopolitical risks.