The Security Briefing

Breaking Information Risk Management News and Trends

Election hacking concerns aren’t the only indication of the IoT security problem

When it comes to cybersecurity it’s obvious how important it is with the increasing number of IoT devices like voting machines, medical devices, and even devices that we may think are old and not vulnerable, such as pagers. This US election period, for example, has shown the growing concerns around a potential hack during an election, and…

CTO and CIO challenges make it hard to get security on track

There are a number of headaches that IT executives, such as CTOs and CIOs, face in any type of business, including financial services companies. The things that keep these executives up at night involve a number of challenges. Some that stood out from a recent article discussing this very topic are worth mentioning.

Effective data breach preparedness is still a long ways away

Even though organizations know about the importance of data breach preparedness with 86% of companies having a data breach response plan in 2016 versus 61% in 2013, a recent study by the Ponemon Institute shows that they’re far from implementing their plans in a way that helps them weather the storm if breach happens.

The board of directors are missing the mark when it comes to cybersecurity

There’s always a lot of talk about the board and cybersecurity. This topic is important because without the board’s approval, organizations can’t take the necessary steps to improve cybersecurity. As time passes and mega breaches keep popping up, like the recent Yahoo mega breach, the board does seem to be getting more interested in cybersecurity. However, the question remains, what’s the board’s cybersecurity ‘why’?

Vulnerabilities continue to leave the door open to insider threat and more

The number of vulnerabilities that organizations can confront are so many that if you’re not in the business of security or dealing with security matters, it can come as a bit of a shocker. Furthermore, the types of vulnerabilities can also be foreign territory for those who haven’t had extensive experience in the field. It is for this very lack of knowledge and expertise that so many businesses find themselves at a loss in tracking, as well as minimizing their security risks.

Overconfidence in breach detection puts all businesses at risk

A little over a year ago Tripwire conducted a study that showed energy sector IT professionals were overconfident in their ability to detect breach. Unfortunately, this overconfidence persists. This year’s Tripwire study showed that 72% of energy IT pros believe they could detect configuration changes to endpoint devices on their organization’s network within the hour.

Insider threats are no joke and the hidden costs prove it

The types of security risks that organizations face vary in nature, which is why there’s such a push for all types of businesses to take a holistic approach to information security. Not only do businesses deal with the continuous evolution of threats, but they also deal with vulnerabilities that are hard to manage and resolve. One of these types of weak spots is insider threat.

Coming to terms with the ever changing information security landscape

Running a business requires the collaborative effort of good leadership, effective teamwork, and flexibility to adapt to changes in a timely manner. It also requires planning to reach short term goals, as well as long term ones. When it comes to information security the same applies, especially…

Your greatest risks are hiding in plain sight

Insider threat is quite a big deal when it comes to keeping data secure and has business executives on edge. A study by the Ponemon Institute found that although insider leaks and attacks continue to multiply…

How security affects three of the most important business KPIs

When talking about cybersecurity, highlights tend to be about breaches, costs, and different methods businesses can apply to contain and reduce both; but what about measuring security from a business perspective? Let’s take a look at how security affects some of the most important business KPIs.

Study shows that security and business objectives are really not that different

When companies average a cyberattack per month that costs them about $3.5 million per year in recovery costs, it’s safe to say that businesses are looking to reduce those costs. The information provided by the Ponemon Institute report, External Threats: Security Beyond The Perimeter, also reveals the challenges businesses are facing in doing this.

How businesses can use cybersecurity megatrends to improve

When looking at the recently released 2016 Cost of Data Breach Study: Global Analysis conducted by the Ponemon Institute, the takeaways for businesses are more than only the information on data breach cost changes and their impact on businesses. One of those additional pieces of information include data breach cost megatrends…

SMBs need to get started with cybersecurity before it’s too late

With more than 50% of SMBs experiencing breach in the past 12 months (Ponemon Institute), there’s a clear message for all businesses: No one is exempt from being a target of breach. The small business information security arena has been a bit less highlighted throughout the years, but…

A major key to improving data risk management

Lack of visibility of data assets continues to be a problem within the enterprise. A recent survey by the IRM reveals that two thirds of businesses still don’t know the value of critical data assets being targeted by cybercriminals….

A simple solution to incident response times and rising business costs

The Business Continuity Institute recently reported that two thirds of organizations surveyed had experienced at least one cyber incident in the past twelve months and that 15% had experienced at least 10 incidents during the same period. The study went on to explore response times and incident costs…