Companies that measure cyber
risk using "high, medium, low,"
or "red, yellow, green" have
essentially no visibility into their
real financial exposure.
Such qualitative approaches do not
give CEOs the information they need
to know how and where to invest to
minimize their risk effectively.
As cyber events continue to increase in volume, frequency, and impact,
protecting your organization must be a top priority. To optimize your company's
preparedness to address cyber risks, you need industry guidelines to drive
your cybersecurity program forward, using an assessment against guidelines
Reporting Cyber Risk is More than
a Traffic Light
Using "high, medium, low" or "red, yellow,
green" to measure cyber risk is not enough.
This method is outdated, unreliable and
insufficient. CEOs and other C-Suite
executives require an approach that helps
them decide which cyber controls -...
As technological presence expands in organizations, the risk of cyber events will continue to increase.
Cyber risk management should be treated as a top priority. Organizations often use assessments to
capture a snapshot in time, but it can be used for much more. Assessments can provide organizations
Reviewing online attack trends for the first half of the year, numerous cybersecurity firms agree: COVID-19 was king. As the pandemic has reshaped how many live and work, so too has it driven attackers to attempt to exploit work-at-home challenges and virus fears.
It might be new, but are we ready to call this "normal?" In this latest in a series of CEO/CISO panels, cybersecurity leaders talk frankly about the new risk surface and the role emerging technologies play in helping us keep pace with our adversaries.
National Guard units are commonly called up to help deal with the aftermath of a natural disaster. And they played a role in responding to the COVID-19 pandemic and civil unrest. But some states are now calling out the National Guard to help safeguard elections from online attacks and interference.
In the three years since Equifax suffered a massive data breach, the consumer credit reporting firm says it has worked tirelessly to overhaul the security shortcomings that allowed the breach to happen. Equifax CISO Jamil Farshchi and other security experts weigh in on important lessons learned.
Open source is a great foundation for modern software development. But when not managed properly, open source can expose you to numerous risks including licensing, security, and code quality risk. The 2020 Open Source Security and Risk Analysis (OSSRA) Report is the resource you need to learn why you need to identify...
Your cybersecurity posture is only as strong as its weakest link. And in today's people-centric threat landscape, that means your users. They are your greatest asset, your biggest risk and your last line of defence from threats.
That's because attackers have shifted their focus from infrastructure to people. No...
The COVID-19 pandemic is forcing big businesses to rethink their security plans. For example, the National Football League is experimenting with "zero trust" architectures, while Jet Blue is focusing on more frequent risk assessments.
In the past few months the healthcare sector has undergone an unprecedented digital transformation. In fact, many organizations found themselves having to do this quick shift over a weekend.
Prior to the pandemic encryption had been a healthcare challenge. The advent of a remote workforce and new telehealth...
The unprecedented level of cybersecurity risk today extends far beyond the four walls of the enterprise. There is no longer any difference between personal and corporate protection when it comes to members of the executive team and board. High-level individuals now have a single, unified digital life, and senior...
The emerging cloud-delivered service model known as security access service edge, or SASE, is designed to help simplify security for remote access, says Sean Duca of Palo Alto Networks, who explains how the model works.