The Security Briefing

Breaking Information Risk Management News and Trends

Your cybersecurity checklist for 2017

Being the last week of 2016, it only seems fit to evaluate what has been done up to now by organizations to secure their enterprise so that you can know what still needs to be done in 2017 and/or what you haven’t been doing all along that would benefit your enterprise’s cybersecurity.

3 growing cyber threats for businesses in 2017

As a new year heads our way, it is important to evaluate what types of cyber threats to expect so that you can prepare. Even though 2017 won’t come without its surprises; there’s a lot businesses can learn from 2016. The types of breaches and cyberattacks that took place can help any business, no matter the industry, to start making improved cybersecurity plans for 2017.

Cybersecurity in 2017 starts with a 3 step to do list

Findings from a cybersecurity survey by Kaspersky Lab makes clear areas that continue to be a challenge for businesses when it comes to their organization’s state of security. From these challenges we have a three step plan for 2017 to get on track with cybersecurity…

Study finds most businesses won’t recover from a cyberattack

IBM and the Ponemon Institute study finds that 66% of organizations won’t recover from a cyberattack. Even though the study focuses on business resilience following a cyberattack, when you look closely, you see the connection of the study’s findings to something even more significant…

Election hacking concerns aren’t the only indication of the IoT security problem

When it comes to cybersecurity it’s obvious how important it is with the increasing number of IoT devices like voting machines, medical devices, and even devices that we may think are old and not vulnerable, such as pagers. This US election period, for example, has shown the growing concerns around a potential hack during an election, and…

CTO and CIO challenges make it hard to get security on track

There are a number of headaches that IT executives, such as CTOs and CIOs, face in any type of business, including financial services companies. The things that keep these executives up at night involve a number of challenges. Some that stood out from a recent article discussing this very topic are worth mentioning.

Effective data breach preparedness is still a long ways away

Even though organizations know about the importance of data breach preparedness with 86% of companies having a data breach response plan in 2016 versus 61% in 2013, a recent study by the Ponemon Institute shows that they’re far from implementing their plans in a way that helps them weather the storm if breach happens.

The board of directors are missing the mark when it comes to cybersecurity

There’s always a lot of talk about the board and cybersecurity. This topic is important because without the board’s approval, organizations can’t take the necessary steps to improve cybersecurity. As time passes and mega breaches keep popping up, like the recent Yahoo mega breach, the board does seem to be getting more interested in cybersecurity. However, the question remains, what’s the board’s cybersecurity ‘why’?

Vulnerabilities continue to leave the door open to insider threat and more

The number of vulnerabilities that organizations can confront are so many that if you’re not in the business of security or dealing with security matters, it can come as a bit of a shocker. Furthermore, the types of vulnerabilities can also be foreign territory for those who haven’t had extensive experience in the field. It is for this very lack of knowledge and expertise that so many businesses find themselves at a loss in tracking, as well as minimizing their security risks.

Overconfidence in breach detection puts all businesses at risk

A little over a year ago Tripwire conducted a study that showed energy sector IT professionals were overconfident in their ability to detect breach. Unfortunately, this overconfidence persists. This year’s Tripwire study showed that 72% of energy IT pros believe they could detect configuration changes to endpoint devices on their organization’s network within the hour.

Insider threats are no joke and the hidden costs prove it

The types of security risks that organizations face vary in nature, which is why there’s such a push for all types of businesses to take a holistic approach to information security. Not only do businesses deal with the continuous evolution of threats, but they also deal with vulnerabilities that are hard to manage and resolve. One of these types of weak spots is insider threat.

Coming to terms with the ever changing information security landscape

Running a business requires the collaborative effort of good leadership, effective teamwork, and flexibility to adapt to changes in a timely manner. It also requires planning to reach short term goals, as well as long term ones. When it comes to information security the same applies, especially…

Your greatest risks are hiding in plain sight

Insider threat is quite a big deal when it comes to keeping data secure and has business executives on edge. A study by the Ponemon Institute found that although insider leaks and attacks continue to multiply…

How security affects three of the most important business KPIs

When talking about cybersecurity, highlights tend to be about breaches, costs, and different methods businesses can apply to contain and reduce both; but what about measuring security from a business perspective? Let’s take a look at how security affects some of the most important business KPIs.

Study shows that security and business objectives are really not that different

When companies average a cyberattack per month that costs them about $3.5 million per year in recovery costs, it’s safe to say that businesses are looking to reduce those costs. The information provided by the Ponemon Institute report, External Threats: Security Beyond The Perimeter, also reveals the challenges businesses are facing in doing this.