Beyond advising the seniormost levels of the business in the strategic use of technology, the need to recruit new cybersecurity professionals often also tops the list of tasks facing today's security leaders, says Rob Hornbuckle, CISO of Allegiant Air.
Human error is the most common portal for cybersecurity breaches. So it stands to reason that human talent is the most valuable defense against attacks.
But how can organisations reduce risk by making humans the strongest link in the cyber defense line?
View this UK & EU Leadership Session lead by the Tech...
For today’s business, security is a teamwide effort and should involve everyone at your organization, not just IT. All it takes is one slightly out-of-date computer or a reused password for a cybercriminal to gain access to your company's most sensitive data.
Is your security risk management handled only by IT?...
DevOps and the continuous integration/continuous deployment (CI/CD) pipeline are revolutionizing application development, test, and cloud delivery, enabling developers to write the application code and define the cloud infrastructure. But where is cloud security?
Shifting left allows cloud security to scale...
As an international bank, Barclays needed to invest more in its information security training in order to minimize risk and ensure business continuity. The goal was learn and teach the modern way to minimize a security breach posed by the latest advanced threats.
Cyber sieges immerse teams in real-world cyberattack...
One of the most-heard complaints from security experts is that often they find their work repetitive ("The CFO's laptop has been compromised... again!"), which results in the desire of trying something "new", meaning "leave for another company." Another common complaint is that the work is very compartmentalized, and...
Security awareness training helps educate organizations and prepare its people to defend against today's most threatening cyberattacks. But, sometimes well-intentioned strategies can have unintended consequences. Leveraging a "one-size-fits-all" solution may work for maintaining compliance, but what happens when a...
Security awareness training is typically an Achilles heel for enterprises. But there are simple elements that create an effective training solution.
Download this whitepaper to learn more about:
The security training challenge;
Elements of a successful program;
Details of Security First solutions.
We've talked a lot in recent times about data breaches and data loss. But what about pure data integrity - not just whether it can be stolen, but whether it can be secretly altered?
This is a topic close to the heart of Diana Kelley, a cybersecurity field CTO for Microsoft. She has addressed the topic at recent ISMG...
Cybersecurity FutureWatch is an in-depth analysis of cyber trends and forecasts. This data-driven report illustrates critical industry developments that will inform a company's cybersecurity planning as technology advances.
GDPR. NIST CSF. NY DFS. These acronym laws and standards can be maddening to navigate clearly for legal and compliance teams. Particularly when the threat landscape is ever evolving, and the threat actors - from outside and within - are unrelenting. This is why we have designed these sessions as an opportunity for...
This month we spotlight the critical cybersecurity challenges facing healthcare sector organization. Explore why a focus on compliance-driven security risk programs can put entities at a great disadvantage in dealing with these challenges - and what's needed to implement a more war-minded approach to battle the...
What not to do after a breach? Share your incident response plan with your attorney and say, "Don't pay too much attention to it; we don't follow it." Randy Sabett of Cooley LLP discusses this and other lessons learned from breach investigations.
It's no secret that the healthcare industry is increasingly under attack by cybercriminals. And risky end-user behaviors are only exacerbating the threat. Yet, user awareness training is always a challenge for organizations. How do you effectively train users to stop clicking on links or opening attachments? This...
The insider threat. It could be the malicious insider who intentionally sets out to commit fraud, steal intellectual property or cause damage. Or else it could be the so-called "accidental insider" who makes a mistake or is taken advantage of by an external threat actor. Either way, the business impact is real, and...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing gdpr.inforisktoday.com, you agree to our use of cookies.