Organizations need to create a "defensible" cybersecurity program that has a mandate and executive endorsement, says Gartner's Tom Scholtz. I. Here are some points to keep in mind when drafting a program.
In this paper, we'll examine four key DNS-related problems that affect organizations and identify how a DNS solution provider can best address them.
Download this whitepaper to discover how to improve your DNS protections.
There are few regulatory environments more complex and challenging than that of a large public utility serving millions of customers across several states. So when the compliance management team at one such organization required a more streamlined approach to gathering, managing, and complying with hundreds of...
As businesses grow and change, so too does the nature of risk. Technology plays a critical role in managing risks related to one area in particular: third-party risk management (TPRM).
Adapting technology to industry-specific needs, a deliberate rollout strategy and effective change management processes all play...
IoT, the cloud, third-party risk - we hear a lot about how the cybersecurity risk surface and threat landscape have evolved. But what about the new business demands on cybersecurity leaders? Christopher Hetner, former global CISO at GE Capital, shares insights.
The SANS Institute's Cyber Workforce Academy is helping to address the shortage of cybersecurity pros by recruiting individuals from other fields and matching graduates with local employers, says Max Shuftan, who leads the institute's cyber talent division. The approach could serve as a model, he says.
Some 23 federal agencies come up short in their cybersecurity efforts even as attacks on their IT infrastructures continue to grow and concerns about foreign interference in the upcoming 2020 elections persist, according to a Government Accountability Office report.
Join Enterprise Strategy Group (ESG) and Dtex Systems to get a detailed look at a newly released ESG Research Insights Report, "Insider Threat Program Realities." Based on the survey of 300 security and IT professionals in the US, the report underscores the continued struggle most organizations face when it comes to...
Want to improve how your organization
delivers and absorbs security awareness
training? Then it comes down to
reinventing your approach, including
Download this eBook to learn more about:
What's wrong with traditional training methods;
Lessons learned from Barracuda's customers;
How to measure...
New research highlights key management and communication issues facing those responsible for cyber security, including entrenched perceptions by senior leadership and employees. Nearly 50% of cyber security professionals, for example, believe executive boards see them in just a maintenance role, rather than a source...
Cyber adversaries are resilient and move quickly, so it'st critical that organizations share threat intelligence in an automated way, says Shawn Henry of CrowdStrike Services. But that sharing has been hampered by a lack of understanding of why it's important and how organizations can benefit, he says.
Where is the data, who has access to it, and how is it being secured? These are among the top questions inherent in any third-party risk program. Cris Ewell, CISO of UW Medicine, shares insight from his experience managing vendor risk.
For years, security leaders focused primarily on malicious insiders - those who intend to do harm to an organization. But CISOs are increasingly concerned about the accidental insider. And Anne-Marie Scollay of Axiom Law has a program targeting this growing threat.