By baselining cyber maturity, one can create an organization's risk profile - and that is the key to being able to build a road map for prioritizing and addressing business risk. ISACA's Brian Fletcher shares insights on establishing the maturity goals for one's unique organization.
Russian troops invaded Ukraine after Russian President Vladimir Putin recognized the independence of two pro-Russia regions. But it's not clear if that military incursion alone will trigger strong sanctions by the U.S. and NATO allies or be backed by cyberattacks that target Ukraine or its allies.
In case anyone doubts that Russia is the epicenter of ransomware operations, follow the money, as Chainalysis finds that "roughly 74% of ransomware revenue in 2021 - over $400 million worth of cryptocurrency - went to strains we can say are highly likely to be affiliated with Russia in some way."
The arrest of a married New Yorker couple, charged with laundering bitcoins worth $3.6 billion that were stolen from a currency exchange in 2016, highlights the risk facing anyone who wants to launder large amounts of cryptocurrency and stay free long enough to enjoy their alleged rap career.
Britain's National Cyber Security Center has launched a trial vulnerability management project called Scanning Made Easy, designed to empower small and midsize organizations to identify if critical software flaws are present in their IT infrastructure, so they can be targeted for remediation.
Michael Lines is working with ISMG to promote awareness of the need for cyber risk management. As a part of that initiative, CyberEdBoard posts draft chapters from his upcoming book, "Heuristic Risk Management: Be Aware, Get Prepared, Defend Yourself." This chapter is "Recognize the Threats."
To build defense capabilities, CISOs need to take a risk-based approach in presenting the highest risk contextually, and they also need to build visibility of tools and controls and a mechanism to prioritize them through a structured program that is communicated in financial terms to the board, says Urooj Burney.
Risk management is essential to the existence of every business. It requires organizations to consider which risks they can accept and which risks they can mitigate. But the problem with risk acceptance is that attackers are "actively looking for risks that you haven't mitigated that they're able to exploit," says...
The latest edition of the ISMG Security Report features highlights from interviews in 2021 and examines President Joe Biden's executive order on cybersecurity, ransomware response advice and assessing hidden business risks.
For Santosh Kamane, head cybersecurity, risk management and business continuity at DBS Asia Hub 2, privacy regulations play a huge role in improving the security posture of enterprises, including banks.
As healthcare entities set out to better secure cloud application development and management, there are several critical considerations they must not overlook. Key among these: "the need to move to a DevSecOps model in the first place," says Adrian Mayers, CISO of health insurer Premera Blue Cross.
Organizations lack a basic understanding of "the landscape of security vulnerabilities," says U.K.-based cybersecurity expert John Walker. He discusses the state of cybersecurity today - including why he prefers the term "verified trust" to Zero Trust - and offers predictions for 2022.
CISOs need to harden the algorithms written for artificial intelligence, as cybercriminals always leverage AI to launch a zero-day vulnerability, says Manojkumar Parmar, technical global program director at Bosch.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.
