In the past, responsibility for cybersecurity efforts rested almost exclusively with CISOs and IT departments. That’s an old-school approach. Today, most companies recognize that the responsibility for developing a strong security culture rests with everyone in the organization—from the top down.
But understanding the importance of instilling a sound security culture and actually being able to make it so are two very different things. Lack of clarity about what a strong security culture means can easily lead to misunderstandings and missteps. Let’s look at five practical ways to instill a robust cybersecurity culture. Read More…
Executives have always been a top target for hackers, but in the last two years we’ve seen new tactics emerge which make this threat even more urgent for businesses to address.
A successful attack on a high-ranking executive such as the CFO, CIO or CEO often provides the cybercriminal with an all-access pass to the corporation’s data, network and employees. Read More…
Asset criticality can be based on several factors, not the least of which is the type of data they store, process, and transfer. Consider using data analytics tools to determine the criticality of assets based on the data types in use. Vulnerability management is a key responsibility for CISOs and CIOs alike. Each year, unpatched systems are responsible for a multitude of breaches while thousands of new vulnerabilities are discovered and published. Read More…
Douglas DePeppe is a practicing cyberlaw and data privacy attorney who is also involved in sport data, NIL, cyber risk, and other cyberspace and blockchain initiatives. He was a cyberlaw advisor during a career in the US Army JAG Corps, later advised US-CERT with the US Department of Homeland Security, and served on the Lawyers Working Group as part of the White House 60-day Cyberspace Policy Review. He was also inducted into the cyber Information Sharing Hall of Fame in 2018. Read More…
You must act decisively — and soon — to counter the relentless evolution of cyber criminality. That’s what cybersecurity leadership is ultimately all about. The choice of EDR vs. XDR vs. MDR is not always an either-or decision. A lot of what is best for an organization will depend on their internal team and resources as well as the security outcomes one will want to drive. Read More…
Throughout this article we will discuss why GTM is the final major frontier for security, and why so many businesses are finally getting on board with securing it with the same vigor as all of their other potential areas for cyber attacks. Back when companies first became aware of the potential threats malicious users and bots could have on their operations, many of them were moved to action. Read More…