Security Top Stories
Security Top Stories RSS Feed RSS

Creating the GSOC: 4 Leading Examples of Successful Security Operations Centers

The way forward with Risk Operations Centers

Atul Vashistha 
Atul Vashistha 
July 31, 2020

In recent years, Enterprise Risk Management has become increasingly focused on cybersecurity risks. While this focus on cyber is understandable, the current COVID crisis has demonstrated that the unpredictable nature of cascading risks requires viewing risk through a much wider risk aperture. One way forward to successfully navigate this new risk frontier is the establishment of a Risk Operations Center (ROC). The ROC enables enterprise and technology leaders to have the continuous monitoring they require to proactively mitigate all cyber issues. Additionally, it fully supports the CISO/cybersecurity leader's principal responsibilities identified by the HBR survey.


Read More
Cyber data breach

The failing approach of managing cybersecurity

mirza asrar baig
Mirza Asrar Baig
July 31, 2020
To address this current losing war with cyberattackers, the future of cybersecurity requires augmenting the current focus of “indicators of compromise” with “indicators of exposure & warning” in real-time. Where the measure would be to gauge the shift of incident management that would tilt on managing more incidents at warning stages than on compromise stages. It is imperative to build an AI engine to perform this very task as that would be the only way to perform in real-time, scale with the growing nature of cloud as well as to cover the evolving nature to attack scenarios.
Read More
cybersecurity

How to enforce security protocols when your workforce has gone remote

adam glick
Adam Glick
July 29, 2020
As the head of information security for a technology company with more than a thousand (now mostly-remote) employees, the COVID-19 pandemic has been — among other adjectives — an educational experience. And while it hasn’t been completely smooth sailing, I believe one of the reasons we were able to transition so quickly to remote work with relatively few hiccups is that we established practices to withstand precisely this type of scenario long before the virus swept through our community. 
Read More
J Carder

5 Minutes with James Carder, CSO of LogRhythm

July 29, 2020

Get to know James Carder, CSO at LogRhythm, who has more than 19 years of experience working in corporate IT security and consulting for the Fortune 500 and U.S. Government. At LogRhythm, he develops and maintains the company’s security governance model and risk strategies; protects the confidentiality, integrity and availability of information assets; and oversees both threat and vulnerability management as well as the security operations center (SOC). Carder previously led criminal and national security related investigations at the city, state and federal levels, including those involving the theft of credit card information and Advanced Persistent Threats (APT).


Read More
data_security_-_blog_-768x423

EDPB issues guidance for cross-border data transfers in wake of Schrems II judgment

The EDPB’s FAQs resolve some open questions, such as whether there will be a grace period for companies relying on Privacy Shield, but raise other questions, such as what “supplementary measures” companies need to put in place to use Standard Contractual Clauses and Binding Corporate Rules.
david stauss
David M. Stauss
July 28, 2020
In the wake of the Court of Justice of the European Union’s Schrems II judgment, on July 23, 2020, the European Data Protection Board (EDPB) adopted a Frequently Asked Questions document to “provide initial clarification and give preliminary guidance to stakeholders on the use of legal instruments for the transfer of personal data to third countries, including the U.S.” The EDPB stated that the document will be updated, and further guidance provided, as it continues to examine and consider the judgment. The six-page FAQs provides the following guidance.
Read More
SEC0719-Privacy-Feat-slide1_900px

Implementing Zero Trust with FIM and SCM

chris hudson
Chris Hudson
July 27, 2020
Zero Trust model creator John Kindervag puts it like this: “The point of Zero Trust is not to make networks, clouds, or endpoints more trusted; it's to eliminate the concept of trust from digital systems altogether.” He came up with the model in 2010, at a time when many businesses were just beginning to put foundational cybersecurity controls in place and over-relied on the assumed security inside their enterprise-owned network boundaries.
Read More
Gaps in Cybersecurity Programs

The risky door that telecommuting can open to your network

Benny Lakunishok
Benny Lakunishok
July 24, 2020
With telecommuting here to stay, now is the perfect time to re-examine just how much network access you are giving your users and machines. You might be shocked to see how open your network really is. Most organizations allow more access than their users or machines will ever need or should ever have – this excessive trust is what allows attackers who get into the network to spread and cause a lot of damage.
Read More

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!