Torsten George

Today, even mid-sized organizations are dealing with thousands of vulnerabilities across their growing attack surface. Therefore, relying solely on existing intelligence provided by vulnerability...

Organizations Must Put Security Vulnerabilities Into the Context of Their Exploitability

Hackers are constantly looking for vulnerabilities they can exploit to gain access to corporate networks, industrial control systems, financial data, and more. One of...

To respond to mounting cyber-attacks, advanced persistent threats, and insider leaks, enterprises and government entities need reliable, real time visibility into their IT security...

Ransomware is dominating the headlines so far in 2016, having moved from targeting individuals to holding corporate data hostage and extorting payments to decrypt...

Is the probability of an Automated Patch Breaking a System Worse Than the Increased Risk of Getting Hacked?

Security Metrics Need to Extend beyond Quantitative Factors

Threat intelligence has received a lot of attention from the industry, ranging from vendors expanding their product portfolios and venture capitalists funding new start-ups...

Just Deploying Best-of-Breed Security Tools Has Proven to be Insufficient in Mitigating Today’s Cyber Threats...

Governance, risk, and compliance (GRC) solutions are intended to help organizations reduce the complexities associated with information management, process execution, and stakeholder coordination in...

While politicians and security experts are constantly warning about the risk of cyber-attacks, they rarely, if ever, mention the risks associated with the Internet...

Over the past two years, risk management has gained a lot of attention in the media and among practitioners. Even though it has been...

Data breaches have become a daily occurrence. However, their cost to organizations goes far beyond reputational damage in the media. Boards and businesses are...

Targeted and highly sophisticated cyber-attacks are compelling security practitioners to change the way they deal with evolving threats. The damages associated with breaches are...

More and more industry standards and regulations promote or even mandate that organizations apply the concept of “continuous compliance”. Continuous compliance includes the reconciliation...

As news of more data breaches and third-party originated cyber-attacks continue to make the news, businesses and regulators alike are sharpening their focus on...

Managing IT risk is an essential component of the business risk management process, which has achieved broader adoption in recent years. However, with the...

Despite increased investments in preventive security measures, many organizations are losing the war against cyber criminals.The data breaches at Target, Home Depot, Staples, Michaels,...

In February 2014 the National Institute of Standards and Technology (NIST) issued a new set of cyber security guidelines designed to help critical infrastructure...