A flaw in Log4j is an "endemic vulnerability," says the Cyber Safety Review Board, a panel of U.S. public and private sector security experts. Despite a flurry of warnings, many systems remain open to hackers exploiting unpatched systems, ensuring that what seemed like a sprint is a marathon.
CISO Richard Rushing of Motorola Mobility says that open-mindedness, innovation and a desire to learn are essential qualities for CISOs in order to build dynamic defense strategies to stay ahead of the attackers. He also discusses why partners are critical components in cybersecurity.
FBI Director Christopher Wray and MI5 Director General Ken McCallum put business and academic leaders on alert over Chinese government-led intellectual property theft, telling an audience in London to think twice about doing business with Beijing.
Compare your scores to industry peers for key industrial security protections.
Attacks on Critical Infrastructure are on the rise. Organizations need to leverage modern industrial security practices to avoid preventable breaches and the costly downtime, damage and public safety risks they cause. This quick...
Many of the principles for defending your IT environment apply to industrial control systems (ICS), supervisory control and data acquisition (SCADA) systems and other OT. But securing OT has additional complexities and considerations.
We’ve created this resource guide with more than 80 useful reference links,...
Its all-hands-on-deck when a massive vulnerability such as Log4Shell arises, or a vendor announces a newly discovered breach. When headline events happen, security teams must act quickly to determine whether or not their environment has been impacted, then respond appropriately.
Responding to major new cyber events...
Organizations that work with or within the healthcare industry need to prioritize and manage security and privacy-related risk and compliance programs. As the global standard for safeguarding information, HITRUST delivers a scalable, prescriptive, and certifiable framework that enables organizations to demonstrate...
Marco Túlio Moraes of OITI, who is a CyberEdBoard executive member, confronts the metaphor of the cyberthreat as a bear in the forest and discusses how an organization must actively assess its environment, understand what its main risks are, and define a strategy to deal with them.
To answer questions about the state of their cybersecurity posture, CISOs need to have a rigorous process to measure and analyze cyber risk. Furthermore, understanding and quantifying risk levels is key to developing a bulletproof cybersecurity strategy.
In this eBook, we cover:
Why cyber risks arise and how to...
As a security leader, you know that the way to align your vulnerability management program to support the business is to mitigate the vulnerabilities that have the biggest business impact. But that’s easier said than done. How do you discover and rate each vulnerability? How do you remediate them without disrupting...
Security leaders are leveraging blockchain's decentralized approach to establish user identity, as it is designed to ensure the correction of transaction through reliable sources that help to contain fraudulent transactions, says Edmund Situmorang, CTO at Prodigi, Sinar Mas Group.
In the wake of the great digital transformation, cybersecurity is more
important than ever and it's certainly drawing the board's attention.
But how does a security leader keep that attention and also
win over other key stakeholders in the enterprise all while ensuring that cyber maturity and quantifying risk is...
Deriving Value From ISACA’s CMMI Cybermaturity Platform
By baselining cyber maturity, one can create an organization’s risk profile
– and that is the key to being able to build a road map for prioritizing
and addressing business risk. ISACA’s Brian Fletcher shares insights on
establishing the maturity...
Sri Lanka-based Sujit Christy, group CISO at John Keells Holdings PLC, says his passion is empowering security practitioners with the right skills and knowledge and ensuring they speak the right language. He discusses cybersecurity adoption and enablement.
Globalised supply chains and accelerated digitalisation has introduced more interconnected business environments, with a greater dependency by participants on third parties to operate critical processes and deliver goods and services to their customers.
The prevalence of such tightly knit service providers into an...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.