How to rethink risks with new cloud deployments

These days, technology seems to evolve at the speed of light. Infrastructures change, attack surfaces reduce and multiply and, not surprisingly, your cloud environment advances. However, with new cloud deployment scenarios created to accelerate busines… Continue reading How to rethink risks with new cloud deployments

VPNs and Trust

TorrentFreak surveyed nineteen VPN providers, asking them questions about their privacy practices: what data they keep, how they respond to court order, what country they are incorporated in, and so on.

Most interesting to me is the home countries of these companies. Express VPN is incorporated in the British Virgin Islands. NordVPN is incorporated in Panama. There are VPNs from the Seychelles, Malaysia, and Bulgaria. There are VPNs from more Western and democratic countries like the US, Switzerland, Canada, and Sweden. Presumably all of those companies follow the laws of their home country…

Continue reading VPNs and Trust

Critical Business Operations Are At Risk, and Companies Are Not Making This a Priority

Many companies around the world with industrial operations environments, commonly referred to as operational technology (OT) environments, do not invest the same resources to protect OT systems as they do to secure their corporate enterprise environments. Yet, these same companies are investing significantly to transform these environments with modern technologies and techniques to improve productivity, […]

The post Critical Business Operations Are At Risk, and Companies Are Not Making This a Priority appeared first on Security Intelligence.

Continue reading Critical Business Operations Are At Risk, and Companies Are Not Making This a Priority

Application security approaches broken by rising adoption of cloud-native architectures

The rising adoption of cloud-native architectures, DevOps, and agile methodologies has broken traditional approaches to application security, a survey of 700 CISOs by Coleman Parkes reveals. As organizations shift more responsibility “left”… Continue reading Application security approaches broken by rising adoption of cloud-native architectures

Driving the Desire for FAIR: What Is Your ‘Why’ for Security Risk Quantification?

One of the first questions I ask when working with an organization is “Why are you interested in making FAIR (Factor Analysis of Information Risk) a part of your standard risk management practice?” The answer is different for every client, and that truly highlights the value of risk quantification. We can apply risk quantification to […]

The post Driving the Desire for FAIR: What Is Your ‘Why’ for Security Risk Quantification? appeared first on Security Intelligence.

Continue reading Driving the Desire for FAIR: What Is Your ‘Why’ for Security Risk Quantification?

Using FAIR and NIST CSF for Security Risk Management

Risk management and risk assessments go hand in hand, and most organizations have completed a security assessment based on maturity models at some point in their existence. However, more companies are realizing the need to complement maturity models with a risk-based approach for assessing their cybersecurity positions. One such risk-based approach is based on the […]

The post Using FAIR and NIST CSF for Security Risk Management appeared first on Security Intelligence.

Continue reading Using FAIR and NIST CSF for Security Risk Management

How prepared is the intelligence community to tackle possible threats?

Human psychology is complex. It’s a dynamic and sometimes contradictory system. Compounding this problem is the rapid progress of technology and social media, toppling boundaries like never before. In this complicated and fast-evolving setting, h… Continue reading How prepared is the intelligence community to tackle possible threats?

How to Reduce Zero Trust Frustration By Capturing Context

Zero trust remains one of the best ways for companies to reduce total risk. By knowing the potential risk of any request — both inside and outside the enterprise network — rather than assuming good intentions, companies can limit potential attacks. Deploying a zero trust framework at scale, however, may cause frustration. It increases operational […]

The post How to Reduce Zero Trust Frustration By Capturing Context appeared first on Security Intelligence.

Continue reading How to Reduce Zero Trust Frustration By Capturing Context

Acting on a security risk assessment of your organization’s use of Salesforce

Salesforce isn’t rocket science, but the software has an incredible array of tools, which is why securing it demands a unique (and sometimes complex) approach. If you’re hoping to mitigate risks associated with your company’s use of Salesforce, y… Continue reading Acting on a security risk assessment of your organization’s use of Salesforce