Trickbot has formed a partnership with another banking Trojan, IcedID, to help distribute each other's malware more widely — and possibly co-develop new capabilities.
By adopting a hybrid security framework, organizations can cherry-pick the guidelines and compliance requirements that meet their unique business objectives.
Understanding the COSO 2017 Enterprise Risk Management Framework, Part 2: Combining Apples With Oranges
Organizations that follow both the COSO enterprise risk management framework and the NIST CSF can vastly improve their cyber risk oversight and management.
Organizations large and small must address many common cybersecurity vulnerabilities to keep up with the evolving threat landscape.
Department heads have to start thinking about risk management in terms of acceptable risk levels, not compliance requirements to mark off a checklist.
Identity and access management (IAM) assessments and frameworks depend heavily on the type of environment the organization fosters.
Containerization tools such as Docker or Rocket can be advantageous for managing programs, but they may require new IT governance practices.
The NIST CSF framework provides guidelines, but it is not prescriptive. It does not tell you how to make the organization’s controls secure. To do that, an organization needs to translate the guidelines into an actionable security program.
What value can the NIST Framework for Improving Critical Infrastructure Cybersecurity bring to my industry and my organization from a software security perspective? Understand how risk-based application security management intersects with the...
How do you approach an overall IT Security Architecture? There are so many aspects and angles to it that it seems almost dreadful to undertake this adventure. Let’s look at some of the key factors to keep in mind.