Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

CISOs and their Boards of Directors: Viewing Cyber Risk Differently

CISOs – the senior-level executives responsible for developing and implementing cybersecurity programs for corporations and other organizations – are not happy campers these days. And it’s not just because they are chronically understaffed and under constant pressure.

A risk-focused approach to security control prioritization

I am yet to meet a CISO who has been given unlimited resources to secure the organization, and in almost all cases, there is more work that can be done to improve security. So given infinite time and resources, how to prioritize the next strategic initiative or project? The increasing maturity of security control frameworks such as those developed by NIST and CIS provides a good structure for maturing a cyber security programme, mapped to preventing common tactics, techniques and procedures.

The Value of Cybersecurity Professional Services for Organizations

Cybersecurity is a trending topic among boards and executives. Yet, many organizations need more technical capabilities to prepare and respond effectively to cyber incidents and regulatory requirements. Let’s explore what cybersecurity professional services really are and how they can help take an organization’s security to the next level.

Top 9 Vendor Risk Management Software for Infosec Pros in 2023

No single organization can master all trades, which is why their success hinges heavily on their vendors. And if vendors are crucial for your business operations, it’s necessary to manage them as if your success depended on it–because it does. Yet, until recently (2016), only a third of companies knew how many vendors accessed their systems each week.

The 7 Most Significant Hacks of 2022

At SecurityScorecard, we like to look ahead and focus on the future. However, the past can also teach us some valuable lessons, particularly in cybersecurity. 2022 was quite an eventful year in the space, with many high-profile attacks, including full-blown cyber warfare. Out of all threats we saw this past year, a few stood out. This article will cover seven of the most dangerous cyber threats of 2022, in no particular order.

SecurityScorecard Empowers Customers to Maximize their Security Investments by Providing a One-Stop Shop with Dramatically Expanded Partner Marketplace

As demand for greater security visibility accelerates, SecurityScorecard Marketplace, the one-stop shop for trusted SecurityScorecard partner solutions, has gained significant momentum. In 2022, the Marketplace partner ecosystem expanded by 80% to now include more than 90 technology and integration partners, including OneTrust, Coupa, CSC, CrowdStrike, IBM, Splunk, and Snowflake.

Obrela Cybersecurity Predictions 2022

As 2021 draws to a close, it is safe to say the year has been a blockbuster for cybercrime. We have witnessed attacks on critical national infrastructure, which have impacted the supply of consumer commodities. We have seen law enforcement clamp down on cybercriminals, taking down some of the most ruthless operations that have wreaked havoc on organisations and consumers across the globe.

Breaches Happen; Stop Playing the Blaming Game

A classic cybersecurity storyline: there is executive tension over cybersecurity spending, the company gets breached, and a blame game between the CISO and their peers ensues, resulting in the termination of the CISO as a form of remediation. Reports indicate that only 27% of CISOs stay in their role at a company for three to five years.

How to Answer a Third-Party Security Assessment & Questionnaire

A third-party questionnaire is a list of questions that vendors complete to help organizations understand their vendors’ security posture, vulnerabilities, and compliance with industry standards (including, but not limited to, SOC 2, ISO 27001, etc.). However, if this questionnaire is completed incorrectly, organizations can face a series of unknown third-party risks.