Rene Descartes, philosopher and mathematician, wrote: “Mathematics is a more powerful instrument of knowledge than any other that has been bequeathed to us by human agency.”
We just celebrated President’s Day. Folklore has it that during the American Revolution, George Washington was approached by an enquiring member of the press who asked: “George! George! What keeps you up at night?”
If your company relies upon third-party cloud providers to support or deliver core services, or to protect sensitive data, it’s crucial to understand that cloud security is a shared responsibility.
Even at their most basic, information security programs are complex and include a seemingly endless combination of controls to detect, prevent and respond to data loss.
After a data breach, regulators strive to evaluate if an enterprise fulfilled "reasonable" cybersecurity standards… without defining what "reasonable" looks like.
When NIST recently updated its Cybersecurity Framework, it added only one new core category: Supply Chain Risk Management (SCRM). Placed within the Framework’s “Identify” function, SCRM encompasses, but typically extends beyond, traditional vendor management approaches. That’s because the supply chain typically extends beyond suppliers to include other external parties, such as integrators and even third-party communications providers.