New & Notable
Risk assessments, metrics and frameworks News
October 27, 2020
Adoption of the Mitre ATT&CK framework, which saw version 8.0 released Tuesday, has grown rapidly over the last years, though challenges still remain for enterprise users.
August 11, 2020
Indiana University Health CISO Mitchell Parker discussed internal risk assessments, security snake oil salesmen and more at his Black Hat USA 2020 talk.
August 10, 2020
Elevate Security co-founder Masha Sedova spoke at Black Hat USA 2020 about why traditional security awareness training is ineffective and fails to change risky behavior.
January 20, 2020
In this Q&A with CyCognito CEO Rob Gurzeev, he discusses what led to his company, how attack simulations work and how he plans to spend the company's recent round of funding.
Risk assessments, metrics and frameworks Get Started
Bring yourself up to speed with our introductory content
Organizations must ensure their pandemic business continuity and technology DR plans address cybersecurity, as well as remote employees, social distancing and company shutdowns. Continue Reading
The Certified Information Systems Auditor (CISA) is a certification and globally recognized standard for appraising an IT auditor's knowledge, expertise and skill in assessing vulnerabilities and instituting IT controls in an enterprise environment. Continue Reading
Integrated risk management (IRM) is a set of proactive, business-wide practices that contribute to an organization's security, risk tolerance profile, and strategic decisions. Continue Reading
Evaluate Risk assessments, metrics and frameworks Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
Learn how to use the Mitre ATT&CK security framework to keep your enterprise cloud environment -- whether AWS, GCP, Azure, Azure AD or Microsoft 365 -- secure. Continue Reading
The zero-trust security model demands infosec leaders take a holistic approach to IT infrastructure security. Learn about the six business benefits of zero trust and how it differs from traditional security approaches. Continue Reading
Zero-trust security has three main on-ramps -- each with its own technology path. For a clear-cut zero-trust implementation, enterprises need to choose their on-ramp wisely. Continue Reading
Manage Risk assessments, metrics and frameworks
Learn to apply best practices and optimize your operations.
A security operations center can help lessen the fallout of a data breach, but its business benefits go much further than that. Here are eight SOC benefits to consider. Continue Reading
Check out 10 tips to help build a next-generation security operations center with the integrated tools to free security analysts to get ahead of and respond to threats fast. Continue Reading
Red team-blue team exercises simulate attacks on enterprise networks. What does each team do? Where do purple teams fit in? Find out here. Continue Reading
Problem Solve Risk assessments, metrics and frameworks Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
Being a paramedic and working in cybersecurity taught CISO Rich Mogull how to avoid stress and burnout. Check out his advice to maintain mental health in high-stress roles. Continue Reading
This template from IANS Research can help IT and security professionals document and prioritize essential processes, staffing and systems when faced with a pandemic event. Continue Reading
Compare host IDS vs. network IDS through the pros and cons of each, and learn how more modern systems may be better suited to ensure effective enterprise security. Continue Reading