Features

Features

Information security risk management

• How to identify and evaluate cybersecurity frameworks

  Not all frameworks for cybersecurity are equal. ESG's Jon Oltsik explains what attributes make a cybersecurity framework and how to go about choosing and using one.  Continue Reading

• Why is third-party risk management essential to cybersecurity?

  Attackers know third parties hold many of the keys to the enterprise network, so third-party risk management is crucial for security professionals.  Continue Reading

• Lack of cybersecurity skills fuels workforce shortage

  Cybersecurity researcher Bob Duhainy discusses the cybersecurity skills shortage and provides suggestions about how companies can close the gap to avoid future risk.  Continue Reading

• For board of directors, cybersecurity literacy is essential

  For boards of directors to meet their business goals, CISOs need a seat at the table. Through her initiative BoardSuited, Joyce Brocaglia aims to pave the way.  Continue Reading

• Fitting cybersecurity frameworks into your security strategy

  Whatever an organization's culture, effective use of a security framework requires understanding business goals and program metrics, and demands leadership communication.  Continue Reading

• Tackling IT security awareness training with a county CISO

  A Michigan county CISO says government workers are under siege by cybercriminals. In this case study, he shares how his IT security awareness training strategy has evolved.  Continue Reading

• Digital transformation redefines cybersecurity skills, careers

  The move toward digital business processes has forced companies to reconsider how they find cybersecurity talent, but finding the right skills may be easier than CISOs think.  Continue Reading

• Portrait of a CISO: Roles and responsibilities

  Success in the role of CISO requires security experts to wear many hats. Couple that with changes in compliance regulations and sophisticated cyberthreats, and CISOs are left with a full plate.  Continue Reading

• Top 10 incident response vendors for 2019

  Leading incident response services include a variety of specialized tools to help organizations plan and manage their overall cybersecurity posture.  Continue Reading

• How to build an incident response team for your organization

  The time to organize and train an IR team is long before a security incident occurs. Learn the practical steps needed to create an effective, cross-functional team.  Continue Reading

• How to become an incident responder: Requirements and more

  Incident response is a growth field that provides excitement and a good salary. Here's an in-depth look at requirements, salaries and the career path.  Continue Reading

• Incident response tools: How, when and why to use them

  The OODA loop can help organizations throughout the entire incident response process by giving them insight into which tools they need to detect and respond to security events.  Continue Reading

• How to fix the top 5 cybersecurity vulnerabilities

  Check out the top five cybersecurity vulnerabilities and find out how to prevent data loss or exposure, whether the problem is end-user gullibility, inadequate network monitoring or poor endpoint security defenses.  Continue Reading

• Top incident response tools to boost network protection

  Incident response tools can help organizations identify, prevent and respond to malware exploits, ransomware and other targeted cybersecurity attacks.  Continue Reading

• Top 10 types of information security threats for IT teams

  Common security threats range from insider threats to advanced persistent threats, and they can bring an organization to its knees unless its in-house security team is aware of them and ready to respond.  Continue Reading