Given that attacks are only increasing and there needs to be greater efficacy in how companies protect themselves, let us reference how the financial industry has created and relies on a body of standards to address issues in financial accounting as a defined comparison for Information Security. To support this argument, there is a defined contrast between information security and Generally Accepted Accounting Principles. We’ll explore this relationship in more detail below.

It is strange to think that not that long ago the Internet was a very different place. A place filled with static text content, marked up in HTML, and served up alongside a few included image files; mostly consumed by a small population of persons with specific interests. Today’s Internet consumer demands a vibrant and responsive user experience customized to their individual interests. A localized cornucopia of options from around the globe, available on demand.

It was a turbulent time for business across the globe in 2020 and, whilst the situation is improving in 2021, there are still obstacles to overcome. Not least of all is the ever-present issue of cyber security: an average of 57% of SMEs admit to a breach in 2020, and 86% of organisations expect attacks to increase going forward. As business focus on recovering revenue streams and driving growth, investing in cyber security is often overlooked.

The technological change of the 21st century has seen rapid growth in the innovation and fastest adoption of cloud computing. It is now considered the most ingenious solution that removes the idea of having a data centre by helping businesses meet their needs virtually in the most cost-effective, efficient, and productive way.

Threat modelling is a process for identifying potential threats to an organization's network security and all the vulnerabilities that could be exploited by those threats. Most security protocols are reactive - threats are isolated and patched after they've been injected into a system. Threat modelling, on the other hand, is a proactive approach to cybersecurity, whereby potential threats are identified and anticipated.

Technological innovation doesn’t slow down when it comes to software, but neither do cyberattacks. The rapid pace of modern programming brings the need for agility and security that can scale and improve to meet business needs. Organizations that want to keep up with innovation while staying secure need more than just capable tools in their tech stacks; having the right people in the right seats to champion your security efforts throughout the development process is also key.

Verizon recently published its 2021 Data Breach Investigations Report (DBIR). This year, Verizon analyzed 79,635 incidents, of which 29,207 met their quality standards and 5,258 were confirmed data breaches, from 88 countries around the world. Despite the global pandemic, the DBIR uncovered that cybercrime continued to thrive. Like previous years, the majority of breaches were financially motivated, and most were caused by external actors illegally accessing data.

The Biden Administration published a new executive order (EO) to strengthen the digital security of U.S. federal government networks. Published on May 12 by The White House, the executive order covered much of what many media outlets reported would appear in the draft. This included the issue of supply chain security. For example, the EO stated that the U.S. federal government will begin requiring developers to make security data about their tools publicly available. It also said that the U.S.

Online digital publishing platforms have thrived in the new media age. The ability to publish an article detailing news from around the world, within minutes of it happening, has allowed publishers to give their customers exciting and up-to-date content 24 hours a day, 7 days a week. However, like many other online platforms, publishers are often the victim of cyber-threats. Specifically, malicious bots programmed to perform a variety of attacks such as scraping, content theft and ad fraud.

The Federal Risk and Authorization Management Program, or FedRAMP, is a federal government program to provide a standardized approach for security assessment, authorization, and continuous monitoring for cloud services and cloud products offered by cloud service providers (CSPs). FedRAMP creates a single risk-based standard so government agencies can engage with cloud-based providers more easily.