NEWS & INDUSTRY UPDATES

Verizon has published its widely anticipated 2016 Data Breach Investigations Report (DBIR), compiled by Verizon with the support of 67 contributing partners. [Read More]
FireEye has launched a new service designed to help organizations manage the risks associated with corporate Mergers & Acquisitions (M&A). [Read More]
In a recent survey, only 31 percent of respondents believe their vendor’s risk management program is highly effective, yet only 38 percent track the effectiveness of the vendor risk management program. [Read More]
Since no company can be secure against targeted attacks, there can be no surprise that law firms will be breached once they are targeted. [Read More]
Petya, the ransomware family recently discovered to encrypt entire hard disks, performs a two-phase encryption process. [Read More]
Qualys ThreatPROTECT gathers and correlates data from vulnerability scans and threat feeds to give organizations a view of their potential exposure to threats. [Read More]
Facebook has paid out more than $4.3 million since the launch of its bug bounty program, $936,000 of which was paid in 2015. [Read More]
Google will remove and distrust a Symantec root certificate from Chrome, Android and other products. [Read More]
Hackers breached the systems of anti-adblocking service PageFair and used the access to deliver malware. [Read More]
Cisco has agreed to acquire privately held, UK-based Portcullis, a consultancy that provides cybersecurity services to enterprise and government sector clients. [Read More]

FEATURES, INSIGHTS // Risk Management

Rafal Los: While we can all agree that fundamentally security can’t succeed without knowing what we’re protecting, there are next to no good answers for how to do this.
Alastair Paterson: Cyber situational awareness can provide insights into the people, processes and technology your adversaries use and turn those into an advantage.
Torsten George: Using OODA as a blueprint, it’s possible to implement automated processes for pro-active security incident notification and human-guided loop intervention.
Joshua Goldfarb: If you’ve centralized all of your security resources, you will have a far more difficult time handling the incident than if you’ve strategically placed security resources around the globe.
Jennifer Blatnik: It is critical for business leadership to address the growing threat of ransomware as a business risk rather than a siloed IT issue.
Adam Meyer: Gaining awareness of supply chain risks and addressing them in the context of broader risk management programs will put organizations in a much better position when it comes to managing their cyber risk.
Alastair Paterson: Failure to secure sensitive information during the M&A process opens the door to threat actors looking to profit by exploiting financial markets and proprietary intellectual property (IP).
Joshua Goldfarb: Cyber insurance, like any tool, will not solve all of an organization’s problems. But it can help an organization round out its risk mitigation strategy.
Bill Sweeney: Enterprises have to worry about the surface area that is open for attack and the challenge of detecting attacks quickly when they are occurring. In every instance simplification will help.
Torsten George: CISOs should pro-actively monitor their company’s risk posture and provide quantitative views of the organization’s risk posture on a semi-annual basis — at the very least.