June 11, 2020 | Ryan Brooks

Cybersecurity Assessment: Definition and Types

According to the national Common Vulnerabilities and Exploits (CVE) database, there are more than 11,000 known vulnerabilities in commonly used software and systems. IBM has calculated that breaches of these vulnerabilities cost large enterprises $3.92 million on average; for 60% of those breaches,...
June 3, 2020 | Ilia Sotnikov

Congratulations, you’re a CISO! Now what?

There is no escaping the fact that information security incidents can seriously damage a company or even put it out of business. As organizations recognize the need to connect business risks with IT strategy, they are increasingly focusing on one person: their Chief Information Security Officer...
May 29, 2020 | Yelena Geras

Improving Security through Vulnerability Management

The battle for information security has been escalating for a long time, but the recent explosion in remote work has taken the struggle to a whole new level. IT and security teams already overwhelmed by a constant flood of incoming data, cloud technologies and stringent compliance regulations are...
June 17, 2020 | Ryan Brooks

The Purpose of IT Risk Assessment. Why Bother?

IT risk assessment is the process of identifying security risks and assessing the threat they pose. The ultimate purpose of IT risk assessment is to mitigate risks to prevent security incidents and compliance failures. However, no organization has the resources to identify and eliminate all...
June 25, 2020 | Ryan Brooks

Risk Analysis Example: How to Evaluate Risks

Organizations are struggling with risks on multiple fronts, including cybersecurity, liability, investment and more. Risk analysis, or risk assessment, is the first step in the risk management process. IT risk analysis focuses on the risks that both internal and external threats pose to the...
April 21, 2020 | Ryan Brooks

Beginner’s Guide to IT Risk Management

Managing risk is at the heart of every enterprise. Decisions about finance, marketing, expansion and human resources all include some level of risk. When enterprises evaluate their IT-related risks, factors that come into play include security, access, data handling and regulatory compliance...
March 12, 2020 | Matt Middleton-Leal

How to Reduce Cybersecurity Complexity and Successfully Manage Risks

Managing cyber risks is an increasingly difficult challenge. Even as businesses generate more and more data and adopt new technologies and processes, cybercriminals are busy developing new attack strategies and more sophisticated malware. It is little wonder that the number of data breaches has...
April 16, 2020 | Brian Johnson

Applying a Risk Management Framework to Improve Information Security

Whether you perform risk assessments for clients or your own organization, you know how daunting it can be to define and prioritize the risks you identify. Fortunately, security frameworks exist to help us create a strategy for minimizing or eliminating risks. The NIST (National Institute of...
February 21, 2019 | Steve Dickson

4 Questions CISOs Can Use to Get Executive Buy-in

All too often, the C-suite sees IT security projects as supermassive black holes that absorb millions of dollars but don’t give anything in return except a vague sense of security. CISOs, on the other hand, know that a strong cybersecurity posture can do far more than reduce the likelihood of...
December 12, 2018 | Matt Middleton-Leal

Three Steps to Justify an Investment in IT Security

Since there is no such thing as 100% security, investments in it never seem to be enough. With regard to budgeting, the role of a CISO is to prioritize available resources based on the IT risks the organization faces and to justify additional investments to the executives when needed. Easier said than...