Archive for the ‘CISO’ Category

We all know by now that cybersecurity isn’t just an IT problem. The dramatic effects a data breach can have on an organization, in terms of both reputation and damages from non-compliance, mean that everyone from the CMO to the CEO needs to be concerned about data security. One of the biggest problems organizations face is that their employees, particularly those with elevated privileges, mishandle data (most of the time … Read more

MIT Sloan School of Management carried out a study which used a data breach simulation to observe how different groups respond to security incidents. The simulation involved comparing the decisions made by a group of inexperienced students, to a team of security experts. Interestingly, there was little significant difference in the success rates between the two groups. This is not meant to imply that security professionals are irrelevant, more that … Read more

Back in the day, all CISOs needed to do to get their cybersecurity budgets approved was to intentionally confuse the rest of the C-suite by using overly-complex technical language and showing pretty infographics with lots of red. More often than not, fear was used as a tactic to justify spending money on cybersecurity solutions. This evolved over the years as new regulatory bodies introduced standards that made cybersecurity a box-ticking … Read more

You’ve all heard the often-repeated mantra, “prevention is better than cure,” but is this really reflective of what we’re seeing in the cyber-security industry at the moment? With threats evolving at a faster rate, it’s not realistic to assume that any organization is fully capable of preventing data breaches, especially as a large volume of data breaches originate from within. Accidental or malicious insider threats are a common cause of … Read more

In April of this year, the U.S. Securities and Exchange Commission (SEC) released the news that Yahoo! (Altaba) have agreed to settle a $35 million fine for failing to publicly disclose a data breach within an acceptable time limit. This is fairly historic, as it is the first time that the SEC have enforced a financial punishment for this sort of failure, claiming that it broke numerous federal security laws. … Read more

Let’s face it, CISOs have a lot of weight on their shoulders. They are required to design, implement and enforce security policies with little praise for their efforts. Should something go wrong, and the entire system falls to its knees, they are generally expected to accept full responsibly for the incident. The truth is, however, that data security is everybody’s responsibility. Employees must be made aware of this and be … Read more

CISOs are faced with a seemingly impossible task, as cyber-attacks are evolving faster than their ability to improve their defences. A recent survey, carried out by Ankura, shed some light on the way in which corporations are adapting to meet the demands of the evolving threat landscape. The survey involved 30 industry experts from a range of industries, including finance, healthcare, insurance, manufacturing, media, telecommunications and retail. Firstly, the report … Read more