6 Stages of Risk and Compliance Program Maturity and the Opportunities for Automation
The 2019 Gartner Security and Risk Management Survey confirms that 73% of organizations around the world espouse the NIST Cybersecurity Framework (NIST CSF). NIST CSF focuses on five core functions--Identify, Protect, Detect, Respond and Recover. These categories cover all aspects of cybersecurity, which makes this framework a complete, risk-based approach ... Read More
3 Questions CISO’s Need To Ask Themselves When Taking A Risk First Approach
A chief information security officer’s (CISO’s) life has become more complicated since COVID-19 pressed many businesses into digital transformation that weren’t quite ready to make the transition. Companies had no choice but to adapt, or otherwise, they would lose out on revenue and growth. This meant CISO’s had even more ... Read More
How Continuous Control Automation is Leapfrogging Continuous Control Monitoring
In a world where automation is taking over fast food, driving, package delivery, and practically every other industry, why isn’t it more prevalent in the cybersecurity realm? For a sector inundated with cutting-edge technology in almost every other aspect, somehow risk and compliance management has fallen to the wayside. Employees ... Read More
Cyber Resilience Starts With Visibility: How Risk Quantification is Imperative to Improving Security Posture
It’s often easy to put cybersecurity practices in a box that is essentially “out of sight, out of mind” until there is a data breach and the C-suite are scrambling and asking “why?” or, more importantly, “how”? For modern, forward-thinking companies, it’s no longer enough just to use a risk ... Read More
ROC-n-SOC: Creating Risk Operations Centers to Support SOCs
Although the cybersecurity risk landscape has always been dynamic, the shift to remote work during the pandemic further accelerated massive changes and affected how an enterprise focuses on risk and security services. In a pre-COVID survey by Harvard Business Review, survey respondents were asked what the CISO/cybersecurity leader’s principal responsibilities ... Read More
The Guide to Presenting Information Security’s Business Value
When it comes to information security and stressing the importance of cyber risk management, getting the whole company (especially the C-suite) on the same playing field becomes paramount. There’s no question that when diving into it for the first time, cyber security can be a daunting function. There are countless ... Read More
How AI Augments Downsized Security Teams
When people think of artificial intelligence (AI), the things that pop into mind are typically along the lines of advanced robotics software that controls smart houses or self-driving (or flying) cars. AI application has skyrocketed in recent years, but it has many functions beyond what we saw in the Jetsons ... Read More
Being a CISO in 2021: How to Be a Business Leader in the Boardroom
With the rise of digital transformation initiatives in 2020, a Chief Information Security Officer’s (CISO) already stressful work environment has become even more complex. A post-pandemic world has spawned other challenges for security professionals with the rise of remote work—like making sure data remained secure in an environment that wasn’t ... Read More
How to Align IT and Business Objectives During Digital Transformation
In the era of digital transformation initiatives, it’s easy to view the myriad of jobs that computers perform in a myriad of industries as magic. Many employees can’t look at a program or other digital tools and know-how it does what it does or how difficult it can be for ... Read More
Optimizing a Downsized Security Budget Post COVID-19
There’s no doubt that COVID-19 has impacted and transformed every industry, and the cybersecurity realm is no exception. Many CISO’s most likely sat down in late 2019 with plans to implement a minor increase in their cyber security budget, with maybe one or two additions to their talent pool, but ... Read More
