Cybersecurity Leadership

Defining cyber resilience and how to strengthen it

Zero-trust security should be seen as a strategy to protect high-value assets and is not tied to a specific technology or product, says the model’s creator John Kindervag

Why should SecOps, risk management, and strategy work together? Find out how a unified approach can fortify your digital defenses.

Wishing all readers and followers a healthy and prosperous 2024

Adversary alignment is more than just a strategy; it encourages CISOs and senior decision-makers to look at their security posture in an entirely new light.

Complex security issues arise when different clouds and computing models interact.

Effective CISOs need to clearly articulate risk and mitigation strategies in business. They must be clear, precise, and, above all, speak truth to power.

There are so many security tools in place today that there’s a risk that security teams rely too much on their toolsets and not enough on their cybersecurity strategy.

In our technology-dependent society, the effectiveness of cyber risk governance of companies affects its stock prices, as well as short-term and long-term shareholder value. New SEC cybersecurity rules provide a solid basis for transparency. Unfortunately, monitoring the long-term effectiveness of a cyber risk management strategy is not easy to grasp.

Recognizing the need for holistic approaches, companies are focusing on cybersecurity as a business-critical capability and integrating it with their business strategy and goals.

To improve data security and prevent attackers from stealing sensitive information, cybersecurity is critical. Here’s why it should be data driven.

Putting on a red hat and trying to understand the motivations, expectations, behaviors, and goals of bad actors can be a key part of a solid cybersecurity plan.

What sets CISOs who have embraced a proactive strategy apart?

With ransomware at an all-time high, companies need to understand that being cyber resilient means going beyond compliance to considering all aspects of a business, from operational continuity to software supply chain security.

Organizations must base their cybersecurity strategies on resilience — the ability to weather an attack with minimal damage to data, finances, and reputation.

Corporate, public, and non-profit partnerships are key to creating stronger and better cybersecurity strategies.

Comprehensive visibility, employee awareness, proactive threat hunting and actionable threat intelligence are indispensable pillars of a robust cybersecurity strategy and just a few areas that organizations should keep in mind as they build their cybersecurity resilience

The hope is that these types of committees will tighten collaboration between boards and CISOs and lead to more support and resources for organizations’ cybersecurity strategies.

Few organizations would describe cybersecurity as unimportant, yet their cybersecurity strategy often remains overlooked because it needs time and attention to design and implement.

With threats growing in sophistication and frequency, enterprises have adopted a "more is better" mentality.

NIST research reveals misconceptions that can affect security professionals — and offers solutions.

Pending new SEC rules reinforce how integral cybersecurity is to modern business operations, and will help close the gap between security teams and those making policy decisions.

With an infrastructure for observability, security teams can make better decisions about access and identity-based threats.

For a new CISO, the first 100 days set the stage for success. Explore how to make the most of your initial months on the job.

Rather than viewing cybersecurity like any other necessary protective measure, like padlocking a warehouse or retaining a legal team, more companies are considering their information security posture to be a part of their overall business strategy.