The Security BriefingBreaking Information Risk Management News and Trends
One of the best ways to find your starting point with cybersecurity in 2017, what role business executives play, and identifying any repetitive patterns in the way cybercriminals target and attempt to take data from a business is by reviewing what has happened.
When you look at the lag in cybersecurity for organizations there are a number of reasons why cybercriminals are winning. One of these reasons is the lack of knowledge and awareness of the board of directors on cybersecurity risks.
Being the last week of 2016, it only seems fit to evaluate what has been done up to now by organizations to secure their enterprise so that you can know what still needs to be done in 2017 and/or what you haven’t been doing all along that would benefit your enterprise’s cybersecurity.
Two practical tips and easy steps businesses can take to minimize cybersecurity holiday risks.
As a new year heads our way, it is important to evaluate what types of cyber threats to expect so that you can prepare. Even though 2017 won’t come without its surprises; there’s a lot businesses can learn from 2016. The types of breaches and cyberattacks that took place can help any business, no matter the industry, to start making improved cybersecurity plans for 2017.
Findings from a cybersecurity survey by Kaspersky Lab makes clear areas that continue to be a challenge for businesses when it comes to their organization’s state of security. From these challenges we have a three step plan for 2017 to get on track with cybersecurity…
IBM and the Ponemon Institute study finds that 66% of organizations won’t recover from a cyberattack. Even though the study focuses on business resilience following a cyberattack, when you look closely, you see the connection of the study’s findings to something even more significant…
With an increase in the number of breaches, one would expect more involvement in the cybersecurity process by the board and senior leadership, but from Ponemon Institute’s Fourth Annual Study: Is Your Company Ready for a Big Data Breach?, the reality is quite different.
When it comes to cybersecurity it’s obvious how important it is with the increasing number of IoT devices like voting machines, medical devices, and even devices that we may think are old and not vulnerable, such as pagers. This US election period, for example, has shown the growing concerns around a potential hack during an election, and…
There are a number of headaches that IT executives, such as CTOs and CIOs, face in any type of business, including financial services companies. The things that keep these executives up at night involve a number of challenges. Some that stood out from a recent article discussing this very topic are worth mentioning.
Even though organizations know about the importance of data breach preparedness with 86% of companies having a data breach response plan in 2016 versus 61% in 2013, a recent study by the Ponemon Institute shows that they’re far from implementing their plans in a way that helps them weather the storm if breach happens.
There’s always a lot of talk about the board and cybersecurity. This topic is important because without the board’s approval, organizations can’t take the necessary steps to improve cybersecurity. As time passes and mega breaches keep popping up, like the recent Yahoo mega breach, the board does seem to be getting more interested in cybersecurity. However, the question remains, what’s the board’s cybersecurity ‘why’?
The number of vulnerabilities that organizations can confront are so many that if you’re not in the business of security or dealing with security matters, it can come as a bit of a shocker. Furthermore, the types of vulnerabilities can also be foreign territory for those who haven’t had extensive experience in the field. It is for this very lack of knowledge and expertise that so many businesses find themselves at a loss in tracking, as well as minimizing their security risks.
A little over a year ago Tripwire conducted a study that showed energy sector IT professionals were overconfident in their ability to detect breach. Unfortunately, this overconfidence persists. This year’s Tripwire study showed that 72% of energy IT pros believe they could detect configuration changes to endpoint devices on their organization’s network within the hour.
The types of security risks that organizations face vary in nature, which is why there’s such a push for all types of businesses to take a holistic approach to information security. Not only do businesses deal with the continuous evolution of threats, but they also deal with vulnerabilities that are hard to manage and resolve. One of these types of weak spots is insider threat.
When organizations think of information security, they don’t necessarily think business continuity management (BCM) as being a part of it. Some security executives think the same as well, and this is a grave assumption. BCM affects your information security and a study by the Ponemon Institute shows exactly how.
Running a business requires the collaborative effort of good leadership, effective teamwork, and flexibility to adapt to changes in a timely manner. It also requires planning to reach short term goals, as well as long term ones. When it comes to information security the same applies, especially…
Insider threat is quite a big deal when it comes to keeping data secure and has business executives on edge. A study by the Ponemon Institute found that although insider leaks and attacks continue to multiply…
When talking about cybersecurity, highlights tend to be about breaches, costs, and different methods businesses can apply to contain and reduce both; but what about measuring security from a business perspective? Let’s take a look at how security affects some of the most important business KPIs.
When companies average a cyberattack per month that costs them about $3.5 million per year in recovery costs, it’s safe to say that businesses are looking to reduce those costs. The information provided by the Ponemon Institute report, External Threats: Security Beyond The Perimeter, also reveals the challenges businesses are facing in doing this.