How to evidence your way thru compliance

I’m not usually a fan of nouns being used as verbs. As Calvin said to Hobbes in Bill Watterson’s wonderful comic strip, “Verbing weirds language”.

I mean, who really ‘dialogues’ with colleagues, or ‘greenlights’ tasks for them to ‘action’?

But there’s one denominal verb (yes, of course there’s a word for it: https://en.wikipedia.org/wiki/Denominal_verb) which I find myself using, and that is ‘evidencing’. This is a wonderfully concise way of saying “proving ...

The Delicate OpSecs needed to secure Supply Chains

OPSEC is a pretty familiar term in this industry, but reviewing its fundamental meaning and what it implies for us today in our current threat landscape is a useful exercise.

After all, being able to secure our systems and information from the prying eyes of cyber thieves, scammers, ransomers, and so on is a key priority for most businesses today.

OPSEC is the term the industry uses to talk about operational security. ...

CCPA vs GDPR – what you need to know

Most of us are aware that California’s new consumer privacy law – CCPA – is set to take effect next January. While that might seem like eons away, it is not.

You might be forgiven for thinking that because you have twisted and strengthened your operation to comply with the EU’s General Data Protection Act, GDPR for short, you surely must be meeting the California privacy requirements.

Sadly – you are wrong. It’s ...

DevSecOps: an intro on why you need it

We’ve pulled together an FAQ on DevSecOps, so you can give some thought to whether this approach might be beneficial in your organization. We hope it’s useful.

What is DevSecOps?

The concept evolved from its predecessor DevOps, a portmanteau for Development and IT Operations (Dev + Ops). I have also heard it referred to as “Agile on steroids”. The idea is simple: it bridges the gap between development and IT teams through collaboration to reduce project ...

Should C-level Bonuses Be Tied To Cybersecurity Posture?

The cybersecurity catch-22 – have you run across it? This is where, for example, you’ve found a vulnerability in a product, and you inform the affected company in a responsible way, but you never receive a response.

Or perhaps you work in the development team, and really want your employers to give you the resources you need to address a security flaw, only to see your requests shoved aside to focus on new, sexier features.

2019: What to expect in cybersecurity this year

Another year is upon us. 2018 was a cyber rollercoaster with massive internet scandals and data breaches. With that in mind, there are a number of IT security topics that should be top of mind for 2019.

Take a look at a few we’ve identified…

Security by Design

We expect to see a greater focus on baked-in security, be this in application development, or in IT and company strategies. In 2018, with the enforcement of Europe’s data ...

Will blockchain transform supply chain management?

Just as no man is an island, no business operates entirely on its own. We all have a supply chain, a support network of businesses providing the products and services we rely on to get our own work done.

This supply chain has always been a major risk point for businesses – we count on our suppliers to get their work done to standard and on time, but also to protect our interests, and in many cases our data and that ...

Penetration Tests: Why It Stops Trouble Before It’s Too Late

No matter what kind of company you work in, if it has online assets – like a web store or site, or databases containing sensitive information like business strategies, financials, or customer info – you face a dilemma: how do I stop unauthorized users from entering restricted systems and accessing files, yet ensure seamless accessibility to my users?

There are of course countless approaches to this problem, usually including layers of security, powerful software and enforced policies. Now, even in big ...

Top five IT security threats AND what you can do about them

The job of a security administrator is far more complex today than ever. A plethora of attacks attempt to blow down your corporate doors on a daily basis. Below, we’ve outlined today’s most prevalent attacks, and provided some expert advice on how to avoid becoming their next victim.

Malware and targeted attacks

Malware has moved a long way from the viruses and worms of the 1990s, becoming ever more crafted to target specific businesses or sectors, to steal ...

Supply Chain attacks: 80% of senior IT professionals say it’s fastest growing cyberthreat

Earlier this year, we wrote about supply chain risk, warning organizations to be more wary, especially since GDPR has come into full effect. That said, GDPR is by no means the only privacy regulation out there (consider Massachusetts’ CMR 17.00 or California’s 2018 Consumer Privacy Act). No longer can we assume little to no liability when it comes to third-party processing or handling of sensitive data.
