Robert R. Ackerman Jr.

As cyberattack methods evolve, so too must enterprise incident response plans. How an organization recovers from a data breach is critical to their future business success.

Online privacy has evolved greatly in the United States, and there is legislation on the horizon that may change data privacy and cybersecurity practices going forward.

As the Russian invasion of Ukraine continues, cybersecurity professionals are on the lookout for cyberattacks following the Kremlin's initial strategy of hacking the Ukrainian government.

Cybersecurity professionals securing hybrid work environments can follow these three tips to improve their security posture. While people are the weakest link in any cybersecurity program, they can also be its strongest defense.

In a world replete with endless cyberattacks, IoT devices have minimal security, in part because cybersecurity stewards and their bosses are busy with other things and aren’t demanding improvement. 

A CISOs first 90 days on the job provide a window of opportunity for establishing their credibility and earning a vote of confidence from leadership. This requires, among other things, thoroughly assessing a corporation’s organization, technology, governance and the processes it embraces.

Almost every American adult knows that cyberattacks and breaches are ubiquitous and have primarily targeted companies and government entities. They might even know that the single most common breach these days is ransomware, a malicious process by which hackers dismantle computer systems and don’t fix them until a ransom is paid. Few, however, are aware that ransomware is targeting a new set of highly vulnerable victims en masse. In recent months, the majority of successful ransomware attacks have struck K-12 schools nationwide, casting a whole new light on the number of Americans highly susceptible to a cyberattack.

While a number of useful countermeasures are being taken across corporate boards, progress remains relatively slow in the face of borderline existential threats. Not so long ago, companies thought of cybersecurity as a technology problem to be overseen by the chief security officer or the chief information officer, or as a compliance issue to be managed with audit functions. Today, thankfully, a more holistic, proactive and analytical approach is generally taken. There is more security training and better hygiene and most boards now count a seasoned CISO as one of their directors.