It's the ultimate challenge for government agencies: How can they be both secure and compliant - especially when operating in a hybrid cloud environment? Trend Micro's Ed Cabrera offers insight into the unique challenges and emerging solutions.
Mobility and IoT are acknowledged by security practitioners to be a whole different beast when it comes to management. MetricStream's French Caldwell says that GRC likewise needs to change its paradigm to accommodate this disruption.
For incident response teams, half the battle is just collecting the data to do your job. Reactively collecting data using antiquated forensic tools and outdated antivirus products delivers very little visibility into the full context of an incident and continues to prove laborious and inefficient. Collecting data...
Enterprises recognize the value of cloud. Ovum research shows that 80% of organizations will be increasing their use of cloud services over the next two years. Employees want to use cloud services that are convenient, easy to use, and make their working lives simpler. However, business and employee views on cloud...
Ask any cyber-security professional and they'll tell you that it's getting more difficult to prevent, detect, or respond to cyber-attacks, data breaches, and even data exfiltration. Why? The threat landscape continues to grow more dangerous while IT infrastructure becomes more complex with the addition of mobile...
An organisation's ability to deliver value to its stakeholders directly correlates to its ability to manage risk. Risk management is not an exact science because identifying all possible outcomes, assigning probabilities to each and estimating the expected financial impact is often based on judgment and estimates, not...
Data breaches continue to have a major financial impact on organisations, as well as on their reputations. The 2015 Verizon Data Breach Investigation Report (DBIR) evaluates recent breaches and vulnerabilities, and looks at how they affected organisations in multiple industries and countries. While the DBIR is full of...
Continuous network monitoring allows your organisation to take an automated, holistic approach to monitoring your security state and activity. This involves discovering all assets, identifying all vulnerabilities, monitoring networks in real time for threats, gathering contextual analytics, and providing assurance that...
Continuous monitoring is among the latest approaches to keep your company safe from hackers. And according to this SANS survey, most organizations claim to have a program for monitoring systems and activities for unauthorized changes, vulnerabilities, abnormal operation, and needed patches. But how effective are...
Many recent breaches have exploited security weaknesses in third party vendors and suppliers to attack organizations across all industries. In this SANS What Works Case Study, Chris Porter, Deputy CISO at Fannie Mae, details:
His experience using BitSight Security Ratings to assess the cybersecurity level of...
As breaches continue to cause significant damage to organizations, security consciousness is shifting from traditional perimeter defense to a holistic understanding of what is causing the damage and where organizations are exposed. Although many attacks are from an external source, attacks from within often cause the...
One of the first steps to creating a vendor risk management program includes identifying what kind of access your vendors have to your network and where your greatest risks lie. Unfortunately, some organizations dwell on identifying those risks rather than remedying them.
Download this whitepaper to explore...
While vendor risk management has long been an area of concern for Financial Institutions, regulators are now looking for banks to do more and provide a higher level of assurance about the security practices of their vendors. But how? With regulators continuously raising the bar, one thing is clear: the vendor reviews...
Traditional signature-based endpoint protection solutions struggle to protect against today's advanced threats and zero-day attacks. Enterprises need to detect and respond based on real-time monitoring and a continuous recorded history to reduce the attack surface with multiple forms of prevention.
Download this...