According to the Information Security Forum (ISF), with growing recognition that security awareness in isolation rarely leads to sustained behavior change, organizations need to proactively develop a robust human-centered security program to reduce the number of security incidents associated with poor security behavior.
There is an opportunity here for IT teams to stabilize their work-from-home situations while also preparing for the future back in the office, or for many, supporting a hybrid model. Long term solutions are needed for organizational success. There are many steps that can be taken to ensure infrastructure is properly cared for and ready to be used when teams are able to return to the office.
KnowBe4 announced it is partnering with the Center for Cyber Safety and Education to launch a Women in Cybersecurity Scholarship to offer $10,000 to be applied to tuition, fees, books and required electronics for the recipient.
Basketball can teach us a lot about managing the cybersecurity of an enterprise: it takes teamwork. This is perhaps most evident as organizations seek to adopt zero trust principles. The zero trust concept is not new, but I hear more organizations discussing it than ever before — driven by a desire for greater security, more flexible access, and accelerated by the shift to remote work due to COVID-19. At its core, zero trust focuses on providing least-privilege access to only those users who need it. Put it this way: don't trust anyone and even when you do, only give them what they need right now. This security philosophy would make Jordan proud, but in that vein, zero trust would not work without another player: identity management (perhaps it’s the Pippen factor!).
With cyber resilience, it is the same kind of philosophy: reducing your cyber incident risk and not just relying on one line of defense or one capability you think will be the one that finally stops the bad actors. Looking at the standards for cyber resilience in federal agencies will help businesses understand both the essentials and the additional steps they need to take to fully safeguard their assets.
Today's cyber environment is one of rapid and constant change. Stepping up in technological savvy, threat actors are using an arsenal of new and sophisticated techniques that make recognizing their attacks harder than ever. There are several thousand products and thousand different threats and risks. Cybersecurity seems as elusive and probably as impossible as the “happiness problem.”
Security magazine and its partner for the Top Cybersecurity Leaders, (ISC)², is looking for enterprise information security executives, who have made and continue to make significant contributions in the cybersecurity space to their organizations and/or the enterprise-level information security profession.
The Standoff, an online offensive/defensive competition in which defenders (blue teams) compete against attackers (red teams) to control the infrastructure of a simulated digital city, has concluded.
The event took place Nov. 12-17, 2020, pitting information security veterans against skilled hackers in a battle to hack mock banks, utilities, airports, downtown hubs, IoT systems, cargo and public transportation, telecoms systems and more.
TrapX Security released findings of a research survey in partnership with the Enterprise Strategy Group (ESG). The survey asked 150 cyber and IT professionals directly involved in security strategy, control and operations within manufacturing organizations about their current and future concerns.
This month, Security magazine brings you the Security 500 Report, Rankings and Thought Leader Profiles. How does your enterprise compare to others? Which security programs are leading the way? Also this month, we highlight how to plan, prepare for and build resilience to protests and other unplanned events, video surveillance tools for SMBs and more.