Ask the Experts

Ask the Experts

Information security program management

• Attackers turn the tables on incident response strategies

  Attackers expect incident response strategies and have a plan for when they encounter them. Find out how to take IR to the next level against attacker incident response counterstrategies.  Continue Reading

• Do I need to adopt a cybersecurity framework?

  A comprehensive cybersecurity framework can help businesses avoid costly attacks. But there are other advantages.  Continue Reading

• What's the best way to maintain top cybersecurity frameworks?

  Keeping top cybersecurity frameworks up to date means understanding how a business evolves and changes. What steps should you take to maintain your security strategy?  Continue Reading

• What are the core components of a cybersecurity framework?

  Cybersecurity frameworks differ from one company to another, but each plan has four fundamental stages. Find out what you need to know.  Continue Reading

• How can SIEM and SOAR software work together?

  Many security pros initially thought SOAR software could replace SIEM. Our security expert advocates learning how SIEM and SOAR can work together.  Continue Reading

• SOAR vs. SIEM: What's the difference?

  When it comes to the SOAR vs. SIEM debate, it's important to understand their fundamental differences to get the most benefit from your security data.  Continue Reading

• The future of SIEM: What needs to change for it to stay relevant?

  Compared to security orchestration, automation and response (SOAR) software, SIEM systems are dated. Expert Andrew Froehlich explains how SIEM needs to adapt to keep up.  Continue Reading

• What are the most important security awareness training topics?

  Organizations looking to heighten security awareness among employees need to cover a wide variety of security awareness training topics, but social engineering tops the list.  Continue Reading

• Why do enterprises need employee security awareness training?

  With human error as the leading cause of breaches and security incidents within the enterprise, organizations should offer employees mandatory security awareness training with regular refreshers.  Continue Reading

• Why did a Cisco patch for Webex have to be reissued?

  Cisco's Webex Meetings platform had to be re-patched after researchers found the first one was failing. Discover what went wrong with the first patch with Judith Myerson.  Continue Reading

• Should large enterprises add dark web monitoring to their security policies?

  Security expert Nick Lewis says dark web monitoring can help enterprises gather threat intelligence, but enterprises need to understand how to validate the data they find.  Continue Reading

• What are DMARC records and can they improve email security?

  Last year, the U.S. federal government mandated that by October 2018, all agencies must have DMARC policies in place. Learn how complicated this requirement is with Judith Myerson.  Continue Reading

• SamSam ransomware: How can enterprises prevent an attack?

  SamSam ransomware infected the Colorado DOT after hitting hospitals, city councils and companies. Learn how this version differs from those we've seen in the past.  Continue Reading

• Self-sovereign identity: How will regulations affect it?

  Will laws like GDPR and PSD2 force enterprises to change their identity management strategies? Expert Bianca Lopes talks regulations, self-sovereign identity and blockchain.  Continue Reading

• When does the clock start for GDPR data breach notification?

  As new GDPR data breach notification rules go into effect, companies must be ready to move faster than before. Mimecast's Marc French explains what will change and how to cope.  Continue Reading