How to Reduce Zero Trust Frustration By Capturing Context

Zero trust remains one of the best ways for companies to reduce total risk. By knowing the potential risk of any request — both inside and outside the enterprise network — rather than assuming good intentions, companies can limit potential attacks. Deploying a zero trust framework at scale, however, may cause frustration. It increases operational […]

The post How to Reduce Zero Trust Frustration By Capturing Context appeared first on Security Intelligence.

Third-Party Risk Management: How to Get Your Vendors on Board

So you’ve finally stood up a proper third-party risk management (TPRM) program. You’ve got your vendors inventoried, their risks assessed and technologies selected to keep them on the straight and narrow. That was the easy part, believe it or no…

3 myths about ISO 27001 certification

ISO 27001 is the international standard for an ISMS (information security management system), a best-practice approach to security that helps organisations achieve all of their data privacy compliance objectives. If you are currently weighing up your o…

Key OT Cybersecurity Challenges: Availability, Integrity and Confidentiality

Organisations are still underestimating the risks created by insufficiently secured operational technology (OT). One current example comes from Germany. According to a report by heise.de, external security testers consider it “likely” that a successful…

How to estimate threat and risk associated with that threat and not only vulnerability severity?

Having this simple formula, Risk = Threat x Vulnerability x Information Value, it is quite difficult to estimate risks quantitatively, because threat estimation seems to me the most difficult part.
I am aware of CVSS and other vulnerabilit…

Top 10 risks to include in an information security risk assessment

An ISO 27001 risk assessment should have five key steps. In this blog, we look at the second step in the process: identifying the risks that organisations face. How to identify threats You must determine which can compromise the confidentiality, integr…

Guide to Cloud Network Security Basics

What is cloud network security? Cloud network security comprises the policies, controls, products, and procedures that protect a cloud infrastructure, its data, and its systems. How to gain flexibility, scalability, and velocity in the cloud Wha…