OneTrust has put nearly $1 billion in investment to good use, helping companies address data governance, security assurance, third-party risk and more, Chief Strategy Officer Blake Brannon says. OneTrust has taken on challenges such as monitoring the ethical use of data and verifying compliance.
The ongoing Russia-Ukraine war has featured cyber operations being used to target Ukraine as well as Russia. But CyberPeace Institute, which tracks cyberattacks tied to the conflict, has so far seen 27 different countries being affected by more than 300 attacks, and many have affected civilians.
A flaw in Log4j is an "endemic vulnerability," says the Cyber Safety Review Board, a panel of U.S. public and private sector security experts. Despite a flurry of warnings, many systems remain open to hackers exploiting unpatched systems, ensuring that what seemed like a sprint is a marathon.
CISO Richard Rushing of Motorola Mobility says that open-mindedness, innovation and a desire to learn are essential qualities for CISOs in order to build dynamic defense strategies to stay ahead of the attackers. He also discusses why partners are critical components in cybersecurity.
FBI Director Christopher Wray and MI5 Director General Ken McCallum put business and academic leaders on alert over Chinese government-led intellectual property theft, telling an audience in London to think twice about doing business with Beijing.
Its all-hands-on-deck when a massive vulnerability such as Log4Shell arises, or a vendor announces a newly discovered breach. When headline events happen, security teams must act quickly to determine whether or not their environment has been impacted, then respond appropriately.
Responding to major new cyber events...
Organizations that work with or within the healthcare industry need to prioritize and manage security and privacy-related risk and compliance programs. As the global standard for safeguarding information, HITRUST delivers a scalable, prescriptive, and certifiable framework that enables organizations to demonstrate...
In order to make good risk-based decisions quickly, it is important to assess risks quantitatively instead of making decisions based on personal experiences, says Sam O'Brien, the vice president of sales and go-to-market, Asia Pacific and Japan, at Archer IRM.
Marco Túlio Moraes of OITI, who is a CyberEdBoard executive member, confronts the metaphor of the cyberthreat as a bear in the forest and discusses how an organization must actively assess its environment, understand what its main risks are, and define a strategy to deal with them.
To answer questions about the state of their cybersecurity posture, CISOs need to have a rigorous process to measure and analyze cyber risk. Furthermore, understanding and quantifying risk levels is key to developing a bulletproof cybersecurity strategy.
In this eBook, we cover:
Why cyber risks arise and how to...
As a security leader, you know that the way to align your vulnerability management program to support the business is to mitigate the vulnerabilities that have the biggest business impact. But that’s easier said than done. How do you discover and rate each vulnerability? How do you remediate them without disrupting...
Security leaders are leveraging blockchain's decentralized approach to establish user identity, as it is designed to ensure the correction of transaction through reliable sources that help to contain fraudulent transactions, says Edmund Situmorang, CTO at Prodigi, Sinar Mas Group.
In the wake of the great digital transformation, cybersecurity is more
important than ever and it's certainly drawing the board's attention.
But how does a security leader keep that attention and also
win over other key stakeholders in the enterprise all while ensuring that cyber maturity and quantifying risk is...
Deriving Value From ISACA’s CMMI Cybermaturity Platform
By baselining cyber maturity, one can create an organization’s risk profile
– and that is the key to being able to build a road map for prioritizing
and addressing business risk. ISACA’s Brian Fletcher shares insights on
establishing the maturity...
Sri Lanka-based Sujit Christy, group CISO at John Keells Holdings PLC, says his passion is empowering security practitioners with the right skills and knowledge and ensuring they speak the right language. He discusses cybersecurity adoption and enablement.