The Human Element of Incident Response – Part One

An extraordinary amount of money and time is spent on detection and response in cybersecurity, and much of this conversation is technology-focused. In this series of articles, DocuSign CISO Vanessa Pegueros explores a different aspect of incident response — the human being. She asserts that people ultimately orchestrate incident response and the…

Ransomware in Healthcare – Strategies for Protecting the Enterprise – Part One

In this three-part series, academic healthcare CISO Mitch Parker shares his insights on ransomware, incident response and best practices for building a world-class prevention program. Ransomware has been the buzzword du jour for the past year in computer security. This mostly unsophisticated attack type uses deception and already-existing means of communication to destroy…

Will Corporate Security Models Move Toward the EDU Security Model?

No network is impenetrable, a reality that business executives and security professionals alike must accept. The traditional perimeter-focused approach to cybersecurity has often failed to prevent intrusions, especially in an application-focused paradigm. While prevention is crucial, timely incident detection of anomalous behaviors for data exfiltration is key. Continuous monitoring assumes the attackers are already…

Making Insurance Part of Your Enterprise Risk Management Program – Part Three

In this series, Grace Crickette provides C-level executives a comprehensive overview of cyber insurance, while addressing business impacts and offering best practices for implementing a risk-management strategy that includes a cyber-liability policy. Part Three: Risk Management and Insurance Basics. Insurance and Risk Management Basics. Insurance is just one tool in the Risk…

Protecting the Republican National Convention – My Reflections

As the 2016 Republican and Democratic National Conventions are about to begin, Security Current has challenged me to reflect on an assignment I was given when I was an IT security executive at a major cable, telecommunications and Internet Service Provider. Over four years ago, I was given the opportunity to build from the ground…

The Business of Security

More and more devices are being Internet-enabled daily. To securely drive an organization’s digital strategy, CISOs need to better understand business and new technologies across groups within the enterprise. It is critical to learn how to create value from their data, and understand technical capabilities for the whole business, not just in the IT domain,…
