Assessment of Business cybersecurity

Cybersecurity Hygiene: Not a Dirty Little Secret for Long

In October 2018, FICO (a consumer credit scoring specialist) began scoring the cybersecurity of companies based upon a scan of internet facing vulnerabilities. FICO grades companies using the same scoring that is ...

Cybersecurity Is Every Leader’s Job

Every organization is led by people who are responsible for setting the overall direction, establishing priorities, maintaining influence over organizational functions and mitigating risks. Given the wide range of organizational types across ...

Why You Need a Concrete Incident Response Plan (Not Strategy)

Recently, I had the privilege to be part of a four-person discussion panel at a security event in London where the topic was about incident response. The panel was hosted by another ...

Security vs. Compliance: What’s the Difference?

Security and compliance are often said in the same breath as if they are two sides of the same coin, two members of the same team or two great tastes that go ...

Redefining the Meaning of Operational Risk

The definition of “operational risk” is variable, but it generally covers the risk of loss resulting from inadequate or failed internal processes, people and systems or from external events. I, however, want ...

How Foundational Controls Can Be Used to Help Fight Back Against Digital Security Challenges

On 26 March, the UK government unveiled its Cyber Security Export Strategy. The Department for International Trade (DIT) created this strategy to help the United Kingdom capitalize on the world’s ever-evolving digital ...

Risk Assessment and Identifying Vulnerabilities in Your PKI Management

Cyber security is a field both deep and broad with a large number of complicated facets. As no one can be an expert in all things, it can sometimes be difficult even ...

Insider Enterprise Threats: Human Behavior

This article is part 3 of 3 in the “Insider Enterprise Threats” series, outlining effective policies and practices for combating insider cyber security threats (human behavior) to the modern enterprise. Over the ...

Insider Enterprise Threats: User Activity Monitoring

This article is part 1 of 3 in the “Insider Enterprise Threats” series, outlining effective policies and practices for combating insider cyber security threats to the modern enterprise. Insider cyber security threats ...