Many security leaders argue over whether their incident response posture needs to be proactive or reactive. But Rsam CISO Bryan Timmerman says it isn't either or - that organizations need both. Here's why.
"If you've got an incident response program that's been around for years, then it's probably based on...
Traditionally in cybersecurity, technology is the central focus. Adversaries act; security controls respond. But Richard Ford of Forcepoint says it is time to change the dynamic with a shift to human-centered security.
The traditional, tech-centric approach cedes too much control to the attackers, says Ford, Chief...
What trait does a global cyberattack and a hurricane share? Both could cost insurers - and victims - dearly. In a new report, Lloyd's of London estimates that a major cloud services attack could trigger $53 billion in losses and cleanup costs.
Determined attackers constantly find new methods to outwit traditional security systems, using an arsenal of techniques to attack from every angle. Knowing who is behind the threats you face and what their motivations are can help you implement security measures to put them on the defensive.
Organizations and analysts need the ability to shift threat intelligence from a data feed into actionable results - this is the core of applied threat intelligence (ATI). Organizations need to move their thinking away from viewing data breaches as a onetime event and instead recognize that with every incident they are...
Enterprise Intelligence is an ongoing practice in which organizations analyze disparate data sources to identify the vulnerabilities and threats across the enterprise.
Download this infographic and learn:
How much more likely analytically driven organizations are to respond to security threats;
What percent of...
A new report into the state of consumer routers by Carnegie Mellon researchers is unsparing in its criticism: It's a market of lemons, and virtually all of the test models had security problems. What's the solution?
Organizations need to take a well-considered, structured approach to integrating IoT into existing information risk management processes to address security, Gartner's Ganesh Ramamoorthy explains in an in-depth interview.
The recent WannaCry ransomware campaign has led to more healthcare organizations paying closer attention to cybersecurity and the latest threats, says Lee Kim of the Healthcare Information and Management Systems Society.
Although it's important to work with law enforcement after a data breach, organizations need to be careful about what information they share, says attorney Ruth Promislow, partner at Bennett Jones LLP.
Ransomware attacks are increasingly using multiple proven techniques to spread quickly and achieve the maximum impact before being thwarted. They are going to get bigger and target other platforms in the future, warns Justin Peters at Sophos APAC.
Sixty-five percent of security leaders consider their organizations' security postures to be above average or superior, as compared to peers in their sectors.
Yet, only 29 percent say that they are very confident in the effectiveness of their security controls, and nearly half say that they have gaps in detecting...
The latest edition of the ISMG Security Report leads with an analysis exploring how artificial intelligence can be used by hackers to threaten IT systems and by organizations to defend critical digital assets. Also, a deep dive into the NotPetya ransomware attack.