Security & Business Resilience - Articles - Page 315

How to Protect Your Organization from Ransomware

April 27, 2020

Ransomware. It may be the most feared word of security and risk managers. After countless headlines and costs of over 11.5 billion dollars in 2019 alone, organizations around the world are understandably terrified of being hit by a ransomware attack. What are four steps you can take to protect against ransomware?

SBA Loan Application Data Breach: What You Can Do

Larkin Reynolds

April 27, 2020

On April 21, the Small Business Administration (SBA) revealed that around 8,000 small business loan applicants had their potentially sensitive information exposed in a data leak affecting the website being used to host the online application.

Understanding the ESRM Guideline

Diane Ritchey

April 24, 2020

Last year, ASIS International released the Enterprise Security Risk Management (ESRM) Guideline, which takes a different approach to traditional security. The ESRM Guideline was released at the 2019 Global Security Exchange (GSX) in September, and the Maturity Model is now available on the ASIS website.

When Efficiency is the Outcome of Enhanced Security

IT staff aren’t tasked with increasing employee productivity, but it is often the surprising benefit of device security measures.

Simo Salmensuu

April 23, 2020

According to Verizon's 2019 Mobile Security Index report, two-thirds of organizations said they are less confident about the security of their mobile assets than other devices. Many of these breaches occur due to vulnerable devices, servers and applications that allow bad actors to gain access. Security breaches and the threat of compromise are a serious issue for organizations of all sizes.

Important Questions to Answer Before Paying a Ransomware Demand

Marty Puranik

April 22, 2020

In the event that a ransomware attack is successful, what questions should your organization ask? How can your organization mitigate short and long-term damage, as well?

5 Minutes with Sounil Yu, CISO-in-Residence at YL Ventures

April 22, 2020

After a seven-year tenure as Chief Security Scientist at Bank of America, Sounil Yu joined YL Ventures as Chief Information Security Officer-in-Residence. What is his main focus in his new role and what are his initial priorities over the next six months?

Observing Privilege to Reduce Risk in Software-as-a-Service (SaaS)

Chris Morales

April 21, 2020

Risk remains the top concern for organizations adopting software-as-a-service (SaaS) models and this is an issue that is only getting worse. What is needed today is the ability to remove the dependency on human behavior and human error, bringing control back to the security team.

The Executive Women's Forum announces its 18th Annual Conference and Women of Influence Awards

April 20, 2020

The Executive Women's Forum on Information Security Risk Management & Privacy (EWF) announces its 18th Annual Conference "Empowering Women In Cybersecurity, Risk And Privacy: Enhancing Business Resilience And Trust," to be held October 20-22, 2020 in Scottsdale, Ariz.

The Biggest Cybersecurity Mistakes CISOs Might be Making Today

Eyal Hayardeny

April 17, 2020

Even if a Chief Information Security Officer (CISO) performs 99 percent of their tasks perfectly, there is still plenty of opportunity to make mistakes. When companies have unpatched vulnerabilities, or incorrect configurations, or other holes in their security tactics (not to mention the "set it and forget it” mentality after deployment)—security management can quickly become a CISO’s nightmare. This is why it's so important for leaders to consider the following when developing the right security approach for their organizations.

Speech Recognition Technology Offers New Ways to Help Protect Officers’ Safety and Well-Being

Spend less time heads down typing incident reports and more time protecting the public

Ed McGuiggan

April 17, 2020

Improving the safety and well-being of our law enforcement professionals remains a key priority for communities across the U.S. Among the biggest obstacles to achieving this goal, however, are the outdated police documentation workflows and processes, which are often still manual (and some departments still rely on pen-to-paper).