Risk Management February 5, 2018 What Can We Learn From the World Economic Forum’s Cyber Resilience Playbook 3 min read - The WEF's "Cyber Resilience: Playbook for Public-Private Collaboration" aims to help governments align security policies with key values and promote collaboration both within and across borders.
Risk Management January 26, 2018 Choosing the Right Security Framework to Fit Your Business 3 min read - By adopting a hybrid security framework, organizations can cherry-pick the guidelines and compliance requirements that meet their unique business objectives.
Risk Management December 18, 2017 Understanding the COSO 2017 Enterprise Risk Management Framework, Part 2: Combining Apples With Oranges 3 min read - Organizations that follow both the COSO enterprise risk management framework and the NIST CSF can vastly improve their cyber risk oversight and management.
CISO November 20, 2017 Take a Load Off: Delegate Cyber Risk Management Using the Three Lines of Defense Model 4 min read - The Three Lines of Defense model enables board directors to be involved in the cyber risk management process without micromanaging the security team.
CISO October 3, 2017 Cybersecurity Strategy, Risk Management and List Making 3 min read - A framework such as the NIST CSF can help security professionals determine where to start when developing a cybersecurity strategy.
Risk Management October 2, 2017 National Cyber Security Awareness Month: The 2017 Outlook 3 min read - October is National Cyber Security Awareness Month, a combined effort of private industries and public agencies to promote security best practices.
CISO August 24, 2017 Board Directors Need to Get Involved With Cyber Risk Governance 3 min read - Board directors must become more engaged in cyber risk governance or risk incurring regulatory fines and being sued by shareholders.
Government August 18, 2017 Government Agencies Must Work With the Private Sector to Bolster Infrastructure Security 3 min read - To improve infrastructure security per the president's executive order, government agencies must build trust with the private security industry.
August 4, 2017 DOJ Issues Framework for Vulnerability Disclosure Programs 2 min read - The Department of Justice (DOJ) offered guidance on vulnerability disclosure programs, which will assist organizations in navigating legal issues.
Government June 9, 2017 Building Upon Trump’s Executive Order on Cybersecurity 3 min read - President Trump's executive order on cybersecurity sent a powerful message about the real-world implications of information security.