Security risk management News
December 08, 2016
This is a guest post for the Computer Weekly Developer Network blog 'penned' by Olivier Bonsignour in his role as executive vice president of product development at Cast -- - the company is ...
December 07, 2016
A malvertising campaign could put millions at risk of attack as the Stegano exploit kit is being delivered by this new method and is targeting unpatched systems.
November 02, 2016
Google disclosed an unpatched Windows zero-day vulnerability, which Microsoft claims is actively being exploited by a Russian APT group connected to the DNC hack.
October 05, 2016
Everyone wants to contribute to open source projects, but few consider the risks. Salesforce evangelist James Ward outlines the legal and security risks involved.
Security risk management Get Started
Bring yourself up to speed with our introductory content
Suffering a cloud DDoS attack is now more likely than ever. Expert Frank Siemons discusses what enterprises need to know about these attacks and how to prevent them. Continue Reading
As the internet of things gains traction, data protection is a must. Learn how three encryption methods can help secure the IoT-enabled workplace. Continue Reading
Implementing end-to-end trust points and countermeasures is critical to mitigating connected city threats and staying safe. Continue Reading
Evaluate Security risk management Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
The Keydnap malware has the ability to steal passwords stored in the Keychain Access app on Mac systems. Expert Nick Lewis explains how to mitigate this issue. Continue Reading
Security is a top concern in health IT, especially given that attacks have become more sophisticated and frequent. A CIO talks about key technologies for preventing ransomware. Continue Reading
The executive-level security position is always up for debate. Is it a technical role, or is it moving out of the IT department to influence broader security and risk management initiatives? Continue Reading
Manage Security risk management
Learn to apply best practices and optimize your operations.
Almost 20 years after Citicorp decided to hire an executive-level security position dedicated to protecting its banking business, the responsibilities of the CISO job are still unclear to many business executives and open to discussion. Why do some companies still need convincing?
As threats and infrastructure evolve at a fast pace, chief information security officers have to remain proactive in the face of ongoing digitization and globalization. In this issue of Information Security magazine, we look at the role's elevation and influence on broader security and risk management initiatives. Most importantly, we highlight accomplishments of dedicated chief security officers from different industries -- entertainment, financial services, healthcare, retail and technology -- and get their views on challenges in the CISO job and changes ahead.
"The CISO has evolved from a technical security role to that of a corporate executive with a risk management focus," says Tim Callahan, senior vice president of global security and CISO at Aflac.
Strategic security is an increasing responsibility of the CISO job. A growing number of security officers have implemented a threat intelligence capability to help steer the technical aspects of their security program. We talk to CISOs and other security experts about some lessons they've learned -- sometimes the hard way -- as they lead these efforts. The CISO job is tough, but those who are up to the challenge find great rewards.Continue Reading
Allowing users to tunnel through a firewall to access any site creates a security risk. How big of a risk is it? It depends on how much you trust your users. Continue Reading
Now that NIST has deprecated the use of SMS 2FA, should nongovernment organizations follow suit? Expert Mike Chapple discusses the risks of SMS-based 2FA to enterprises. Continue Reading
Problem Solve Security risk management Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
CISOs ensure that cloud services comply with IT security and risk management policies. But who has executive oversight of cloud-based technology and data? Continue Reading
Members of the board must be ready to defend their fiduciary decisions, corporate policies, compliance actions and, soon, cybersecurity preparedness. Continue Reading
Threat-related metrics that CISOs find useful often differ from what the C-suite wants to know. Here's how to communicate risk -- and return -- on cloud security investments. Continue Reading