How would your organization defend itself in a court of law or to regulators in the event of a CyberSecurity incident? This is a question that many organizations will face due to the increasing likelihood of having a CyberSecurity incident. Unfortunately, it is also a question that many organizations are not prepared to answer with concrete evidence. The best defense they can offer is, “We ask the...
Read More
CEOs and Boards have identified CyberSecurity threats as a significant enterprise risk, governed with the same rigor and discipline as other corporate risk. Effective governance depends upon robust and accurate metrics, which are often difficult to gather for CyberSecurity. CEOs and Boards face the business problem of managing the mitigation of CyberSecurity risk. Actual mitigation of the risk is done by many people performing detailed technical and...
Read More
It is estimated that Cybercrime will cause losses in excess $6 trillion by 2025. Many of these losses can be avoided through the implementation of effective CyberSecurity policies. Currently, prevailing wisdom is that CyberSecurity threats and losses can be avoided through the implementation of technology solutions. As a result, most CEO’s have deferred responsibility for CyberSecurity to their IT organizations. The National Institute of Standards and Technology (NIST) recommendations illustrate...
Read More
CIS and NIST recently updated their critical security controls and framework. The critical security controls and framework make us CyberSecuirty and Network Mangement Best Practices. Cybersecurity breaches into energy, industrial, and healthcare-based networks are happening more frequently and at an alarming rate. According to the Department of Homeland Security (DHS), for many, it’s not a matter of if an intrusion will take place, but when.1 New practices state that networks should be...
Read More
