WannaCry: Is this a Watershed Cyber Security Moment?

WannaCry: Is this a Watershed Cyber Security Moment?

As I watched the news, I was struck by the inaccuracy of much of the initial coverage of the massive wave of ransomware attacks that surfaced on 12 May. Even my partner thought that the National Health Service (NHS) computers, as well as other targets around the world, were being intentionally targeted by a coordinated [...]

Ransomware: Healthcare Organizations Cannot Afford to Be Unprepared

Ransomware: Healthcare Organizations Cannot Afford to Be Unprepared

I had just typed the last word of a new ISACA publication on governance of enterprise information technology for healthcare environments when today’s news on the National Health Service (NHS) ransomware attack broke. As we now know (as of the time of this writing): •  At least 16 UK National Health Service (NHS) trusts are [...]

The Vendors of My Vendor’s Vendor … What? … Wait? … I’m Confused?!

The Vendors of My Vendor’s Vendor … What? … Wait? … I’m Confused?!

It is no secret that vendor management is one of the top security challenges we face today. But what compounds the challenge is not knowing the relationships beyond our direct vendors. What are the vendors of my vendor doing? I don’t know what I don’t know The scenario: A recent project was initiated by the [...]

Data Loss Threatens M&A Deals

Data Loss Threatens M&A Deals

One of the most popular breakout sessions at Evolution17 featured a great merger and acquisition (M&A) scenario: Midway through the deal, critical information leaks, devastating the value of the deal. How can you figure out how much info leaked—by whom and to whom? Here’s why that storyline was so riveting: 2016 saw more than $3.5 [...]