Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Establishing Information Security in Project Management

A person recently asked me if it was possible to implement ISO 27001 using a specific project management software product. They used the tool in the past to define project plans and make project reviews. While I told them this is entirely possible, the truth is one can implement ISO 27001 even without a project plan or any specific tools. But should they?

Risk Mitigation Strategies

It is rightly said that “Prevention Is Better Than Cure.” This maxim can also be applied in information technology in terms of IT risks. Risk mitigation is a process whereby an enterprise takes some proactive measures or use some strategies to mitigate or eliminate risks altogether in order to prevent or reduce damage to the organization. The following sections gain an insight into some popular risk mitigation strategies organizations are looking for in 2019.

Security is Simple as 1, 2, 3

Keeping an organization’s IT assets secure in this day and age is a challenge. The sands of the information security landscape are constantly shifting, and it can be difficult for practitioners to find solid footing; to identify those initiatives that will net the greatest return on security spend. Each day seems to bring another emerging concern in the threat landscape.

SecureAge Security Suite - DRM & Digital Signing

SecureFile is a comprehensive PKI-based document security solution that secures mission-critical files with 256-bit AES (Advanced Encryption Standard) file encryption and digital signing. Selected files are protected from unwanted tampering and interception to ensure privacy, integrity, and authenticity. We protect your data Every File | Every Place | Every Time

Managed Vulnerability Management? Yes, You Read That Right

The importance of a mature vulnerability management program can’t be overstated. File integrity monitoring (FIM) and security configuration management (SCM) might be the bedrock of a strong cybersecurity program, but they can only go so far. Scanning for vulnerabilities needs to be a foundational part of your program, too.

What Is DLP, Why Does It Matter And What Is Your Current Strategy Missing?

Once upon a time, protecting critical data assets meant keeping printed confidential information in locked boxes labeled top secret. As long as these boxes were kept in secured areas, all was well. Today, information has no such physical boundaries. Network perimeters and firewalls have become the new walls, and data classification schemas are the new box labels. This shift led to an evolution in how companies protected their data from leaving their environments.

How to Audit Governance

Governance, risk, and compliance (GRC) have become buzzwords in cybersecurity. As governments and industry standards organizations respond to the data breach landscape by creating new compliance requirements, governance has become fundamental to creating an effective risk management program. Auditing governance requires organizations to communicate with internal and external stakeholders.

3 enemies - the $96B in cyber crime that nobody wants to talk about

They say that bad things always come in threes. The adage may testify to little but the popularity of superstition, but for security executives today, this notion regrettably passes muster. Crime, complexity and cost are three foes that every CISO must face, and while most companies think crime is the enemy, in many cases it is the latter two heads of this “cyber-cerberus” that deliver the most certain bite.

The Main Elements of a Security Risk Analysis Report

No organization has complete protection against today’s sophisticated and fast cyber-threats. To maximize the security posture of your enterprise, you need to evaluate the risks in an effective manner, in addition to the various other security measures. The report in which you describe all the risks – coined as “Security Risk Analysis Report” – has utmost importance for the effectiveness of the overall Risk Management Program.

The Path to Cyber Resilience: Takeaways from the Scalar 2019 Security Study

The annual Scalar Security Study, published in February 2019 and conducted by IDC Canada, identified a new normal across the threat landscape: cybersecurity incidents, be it exfiltration, infiltration or denial of service, occur on a regular basis. Focused on small, midsize and large organizations in Canada, the study confirms that intrusions are inevitable and moreover that a majority of organizations experience successful attacks.