It’s been nearly two years since we addressed cyber insurance in the Cyber Tactics column, so I decided to get an update from Bob Parisi, Managing Director at Marsh.
A survey of U.S. oil and gas cybersecurity risk managers indicates that the deployment of cybersecurity measures in the industry isn’t keeping pace with the growth of digitalization in oil and gas operations.
Today’s center of gravity in cybersecurity is shifting, pulling the skills and experience of cyber defenders in new directions. In most companies, this situation has led to a convergence of responsibilities between physical security, information security and cybersecurity teams, and an increased commitment to “staffing-up” of dedicated “cyber defenders.”
Improving employees’ cybersecurity awareness often hinges on communicating those initiatives into risks they understand.
March 1, 2017
There’s a C- on your report card, but you’re not alone: The 2017 Global Cybersecurity Assurance Report Card found that the world’s information security practitioners gave global cybersecurity readiness an overall score of 70 percent – a six-point drop over 2016.
There have been volumes written about the role of the CSO and how to gain a seat at the table in the C-suite. A relatively small number of CSOs have been able to convince their management that the CISO should be under their purview, citing the inherent mission conflicts that exist when the CISO reports to the CIO.
Mike Tyson notably said, “Everyone has a plan ‘till they get punched in the mouth.” So, how do you ensure the same doesn’t hold true for your company’s incident response plan when a real breach occurs? Enter the NIST Framework category titled Mitigation.