Events , Fraud Management & Cybercrime , Multi-factor & Risk-based Authentication
Double-Click on Risk-Based Cybersecurity
Niloofar Razi Howe, Pondurance, on Technology-Based vs. Risk-Based Cyber DefenseIn today's cybersecurity landscape, where threats such as ransomware evolve rapidly, organizations must shift their approach to cybersecurity from technology-based to risk-based, said Niloofar Razi Howe, chair of the board, Pondurance.
The opposite of that, she said, is to respond to threats as they come - without a program in place. Instead of reacting to individual threats, companies must build security frameworks that protect critical business assets and data by assessing their risk tolerance and addressing vulnerabilities strategically.
"The idea of the risk-based approach is that it starts with the fundamentals of your business, and it's about protecting the things that matter - your IP, your data, your operations - and understanding your risk tolerance level. What's the gap you have, and how do you build a program that's appropriately resourced to close that gap over time?" Howe said.
In this video interview with Information Security Media Group at RSA Conference 2024, Howe also discussed:
- How a risk-based approach to cybersecurity helps enterprises make smarter decisions;
- How enterprises can take a risk-based approach to comply with the new SEC mandates;
- How Pondurance is helping customers embrace risk-based security.
Howe has been an investor, executive and entrepreneur in technology and cybersecurity for more than 25 years. Most recently, she served as chief strategy officer and senior vice president of strategy and operations at RSA, a global cybersecurity company, where she led corporate strategy, corporate development and planning, business development, global program management, business operations, security operations and federal business development.