Premium Content

Access "Cybersecurity: Global risk management moves beyond regulations"

Kathleen Richards, Features Editor Published: 29 Aug 2013

Regulatory environments and compliance drive global risk management and associated actions at many organizations. But auditing is not based on actual threats. As threat intelligence becomes more available and this information is offered up by multiple sources, is it changing the way that global enterprises view risk assessment? "The ability to access intelligence and react to complex attacks is vital," said MacDonnell Ulsch, CEO and chief analyst at ZeroPoint Risk Research, LLC, a Boston-based consultancy focused on global risk management and related services. "If a regulation states that a risk assessment must be conducted, what does that really mean? "Regulations don't instruct, so it is important to understand what to look for," said Ulsch, who likens global threat intelligence to a cat setting out birdseed. "After a time, the birds feel it's safe to eat there."  Consumed by compliance Security professionals have warned companies for years that compliance-driven security programs may not adequately address security concerns. "It is very rare that you will... Access >>>

Access TechTarget
Premium Content for Free.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

What's Inside

Features
    • Firewalls play by new rules by David Strom, Contributor

      Modern firewalls offer greater application awareness and user controls. Protect your migration strategy with these tips from the pros.

    • Bridging the IT security skills gap by Robert Lemos

      While poaching security talent may plug short-term gaps, outreach and education will solve the long-term shortfall in IT security professionals.

More Premium Content Accessible For Free

  • Strategies for a successful data protection program
    data_protection_2014.png
    E-Handbook

    Deploying data protection technologies properly requires a lot of time and patience. While most firms can get started by using preconfigured policies...

  • Devices, data and how enterprise mobile management reconciles the two
    ISM_supp_1014.png
    E-Zine

    The bring your own device (BYOD) movement, which has flooded the enterprise with employee-owned smartphones, tablets, phablets and purse-sized ...

  • Putting security on auto-pilot: What works, what doesn't
    security_auto-pilot.png
    E-Handbook

    For so long penetration testing meant hiring an expert to use skill and savvy to try to infiltrate the company system. But, as with most ...