Incident Response November 1, 2021

A Journey in Organizational Resilience: Security by Design

4 min read - Security by design is one of those concepts that happily goes hand in hand with resilience. Candidly, they were made for each other. The security by design methodology helps minimize some of the inherent risk we cannot do anything about.…

Software Vulnerabilities July 29, 2021

July 2021 Security Intelligence Roundup: Ransomware, Security by Design and How to Analyze in Windows With Frida

3 min read - Getting and staying ahead of threat actors means knowing the cybersecurity landscape. Today, that still often means ransomware and changing the ways and places we work. July’s top stories include a supply chain attack from the REvil ransomware gang and…

Artificial Intelligence July 14, 2021

How to Use Design Thinking for Next-Gen Privileged Access Management Architecture

4 min read - As cyberattacks speed up and become more complex, defenders need to do the same. One large component of this is privileged access management, or PAM. But PAM itself is always evolving. So how does your security operations center (SOC) keep…

CISO May 27, 2021

Security by Design and NIST 800-160, Part 4: Technical Processes From ‘Go’ to Disposal

4 min read - Even if you are not an engineer, NIST 800-160 Volume 1 could help you in your work to understand security by design. It shows what you need to secure your information system. In the other blogs in this series, we’ve summarized…

Risk Management May 20, 2021

Security by Design and NIST 800-160, Part 3: Technical Processes

3 min read - Picking up where we left off on the security-by-design thinking offered by NIST 800-160 Volume 1, we move onward in Chapter 3, focusing on the technical management processes. Let’s look at some security design principles at the technical processes level.…

CISO May 13, 2021

Security by Design and NIST 800-160, Part 2: Life Cycle Processes

4 min read - NIST 800-160 Volume 1 features many guidelines of interest to cybersecurity experts looking to boost their defenses through security by design. As we saw in the first post in this series, the key principles of this document provide a good…

CISO May 6, 2021

Security by Design and NIST 800-160, Part 1: Managing Change

5 min read - Building a house requires a blueprint. When it comes to building systems, National Institute of Standards and Technology’s (NIST) documents about security by design are some of the most reliable blueprints. As systems become more complex, they’re also more likely…

Software Vulnerabilities May 20, 2020

Take a Bite Out of Sweyn

4 min read - If you work in the healthcare industry, you may have heard about a family of vulnerabilities called "SweynTooth." But how serious is SweynTooth, and what should hospitals be doing to minimize risk?

Application Security May 7, 2020

Are Current Security Assurance Models Suitable for the Digital World?

3 min read - A proactive security assurance model is a key enabler for delivering an effective operating model that encompasses the protection of people, processes and technology.

Retail March 11, 2020

How Retail Security Can Welcome IoT Innovations Without Putting Customers at Risk

4 min read - As organizations rely more on the IoT to enable internet connection at every part of the retail process, the right mindset can go a long way toward achieving a win-win for retail security.