Back when travel didn’t require a mask, I had an insightful discussion with a CISO over a beer on an airplane. I was excited to get my upgrade into first class, and the gentleman next to me turned out to be a CISO at a large chain of stores. When … Continue reading In-flight Beers and CISO Fears
Healthcare security today is extremely complex due to the integrated clinical systems and connected community networks. As well, no longer are the medical records stored with a single provider.
Continue reading CISO Stories Podcast: Effective Health Care Security is More Than HIPAA
Do you ever feel like someone might be viewing your online activity when you are connected to public Wi-Fi? Well, that is fair given the kind of forces arrayed against your privacy. The good thing is that with a virtual private network (VPN), you can p… Continue reading Why VPN Is Vital in Securing Your Online Privacy
Are cybercriminals by nature evil? Only the 1930s pulp magazine hero The Shadow really knows “what evil lurks in the hearts” of cybercriminals. At first glance, it would appear there is a great deal of darkness in the hearts of malicious ha… Continue reading Are Cybercriminals Evil or Greedy?
It’s evident that while organizations are spending more and more on legacy cybersecurity solutions, these platforms are not holding up their end of the deal and are not able to proactively defend in a modern, non-signature attack threatscape.
Continue reading The Top 5 Considerations That Should Guide Your SOC Strategy in 2021 and Beyond
Humans are the biggest risk to an organization’s cybersecurity posture, and it might be a bigger risk than many realize. According to research from Elevate Security, human behavior had a direct role in 88% of total losses in the largest cybersecurity … Continue reading Your Security Awareness Training Isn’t Working
Strong governance, risk and compliance (GRC) strategies provide a myriad of benefits to your organization, but where do we start? Consider a few common GRC strategy pain points and learn exactly what your organization needs so that you can implement th… Continue reading The 5 Most Common GRC Pain Points – And How to Optimize your GRC Program
We’re often asked by customers embarking on the SOC 2 journey, “Can we skip the SOC 2 Type 1 and go straight into a Type 2?” They reason that instead of paying for two audits, they would only pay for one. It seems like an easy choice, righ… Continue reading The Perils of a Running Start: Can You Skip SOC 2 Type 1?
SecOps is a combined super-team of cybersecurity professionals from both Security and IT Operations sectors; thus, the conjunction of Security and Operations to form SecOps. SecOps teams are responsible for a wide range of cybersecurity management acti… Continue reading Best Practices for Communicating SecOps to the Board
When the security industry talks about a data breach, often the first question asked involves the state of the victim’s network security – not the breach of data. Why is this? It’s because organizations have their security priorities… Continue reading The Security Industry is Protecting the Wrong Thing