Budgets are a big issue today for those managing their risk management frameworks, says NIST's Ron Ross, who offers his advice on using cloud as a means to save money and improve IT infrastructure.
CISOs shouldn't be tied too closely to specific guidance and processes when new threats emerge or their organization has suffered a breach, says RSA CISO Eddie Schwartz.
"With the increasing breadth and depth of cyberattacks ... risk assessments provide important information to guide and inform the selection of appropriate defensive measures so organizations can respond effectively," guidance coauthor Ron Ross says.
Organizations mulling the purchase of cyber insurance should vet their brokers to see if they truly understand policies that provide breach protection, cyber liability lawyer Richard Bortnick says.
The continuing loss of data to China suggests that the federal government should carefully assess the cybersecurity implications associated with the expansion of Chinese cloud and mobile providers in the U.S.
September is the peak of the Atlantic hurricane season. How should organizations in the potential path of these storms assess preparedness? Alan Berman of the Disaster Recovery Institute advises.
As a result of the recent Apple-Samsung verdict, CISOs at organizations need to be mindful of where their software is being sourced from, says patent attorney Jim Denaro.
Cyber is part of our everyday lives. Still, in many cases, a natural - or perhaps an unnatural - divide exists between the virtual and physical worlds. This is especially true in the way we deal with crime.
One takeaway from the $1-billion-plus verdict against Android-maker Samsung for infringing Apple patents is that the users of infringed technology also could be held legally liable, patent attorney Jim Denaro says.
Advice from the report, Bring Your Own Device: A Toolkit to Support Federal Agencies Implementing BYOD Programs, is applicable to all types of public and private organizations.
Preparing for an exam to assess FFIEC Authentication Guidance conformance can be daunting. But according to one bank's experience, it doesn't have to be. What words of advice does this institution share?
By combining responsible management, risk management and compliance functions and internal audits, organizations will go far in securing their data and systems, says PricewaterhouseCoopers Partner Carolyn Holcomb.
Information sharing has been trending upward, according to data from the monthly cybersecurity index. And while it's not surprising, it is "gratifying," says index co-publisher Dan Geer.
COBIT 5 for Information Security comes at a time when the IT threat landscape is changing drastically. ISACA's Robert Stroud explains how organizations can use the framework to mitigate the risks.
More organizations are expected to purchase cyber insurance in the coming years as risk managers become more involved in buying these types of policies.