security policy
Lasso Security Data Protection Tool Aimed at GenAI Applications
The custom policy wizard helps prevent data leaks in GenAI tools by using CDP, requires no coding, and offers adaptive, intuitive policies. “The real threat is in unstructured data, the kind of ...
The Hidden Costs of Insider Threats
Much of cybersecurity policy and practice is dedicated to protecting against external threats and attacks that put networks, data, and devices at risk. Malicious incidents of hacking, phishing, and the like from ...
Cloud Security: Maintaining Least Privilege
Reading Time: 8 minutes There are four main identity risks that determine the necessity of least privilege. These include the separation of duty, dormant identities, privilege escalation, and toxic combinations ...
How Penetration Testing can help prevent Ransomware Attacks
It is hard to believe, but ransomware is more than three decades old. While many would think that the ransomware mayhem started with the WannaCry attack of 2017, that is simply the ...
Why the Security Policy is Dying
Security policies, a familiar tool of the CTO or CISO, are dying off, and I am glad to see them go. Long narrative descriptions of a top-down prescribed security policy ideal are ...
CISO Stories Podcast: Do You Know Where Your Data Is?
Today, data is everywhere as users are working remotely, storing information in the cloud, downloading to and from USB drives, and so on. William Miaoulis, CISO at Auburn University, joins the podcast ...
CISO Stories Podcast: The Nexus of Security, Privacy and Trust
Allison Miller, CISO at Reddit, discusses the challenges across stakeholders from end-users to service providers in addressing the nexus of Security, Privacy and Trust - should they be equally weighted? In what ...
CISO Stories Podcast: Five Mistakes Impacting Security and Privacy Policy Creation
Charles Cresson Wood set the ‘gold standard’ for policy guidance with the book Information Security Policies Made Easy, now in its 14th version. Wood has extensively researched what separates good processes from ...
CISO Stories Podcast: Achieving Security Buy-In – Change Approach Not Culture
We need the organization to support the cybersecurity initiatives and thus we try to influence the organization to support these goals for the protection of the organizational assets. If we are failing, ...
CISO Roundtable: Ransomware Attacks and the True Cost to Business
A recent global research report conducted by Cybereason, titled Ransomware: The True Cost to Business, revealed that the vast majority of organizations that have suffered a ransomware attack have experienced significant impact ...
