Why the CISO matters

Why the CISO matters

The chief information security officer role hasn’t always gotten the respect it deserves. Research over the years has shown companies often treat their CISO primarily as a scapegoat for security incidents. But that may be changing – at least it is in organizations with a strong cybersecurity culture. New research by (ISC)2 shows the overwhelming majority of [...]

EDR is dead! Long live XDR!

EDR is dead! Long live XDR!

Endpoint detection and response (EDR) has been an important technology for security professionals as they attempt to find suspicious activity, or at least traces of it, on endpoints and hosts. Cybersecurity itself is as old as computers, but the EDR segment is still in its infancy with the first solutions dating back only about five [...]

The First 101 Days as a New CISO – A Chief Information Security Officer’s Playbook

The First 101 Days as a New CISO – A Chief Information Security Officer’s Playbook

If you are a new CISO or starting a new Security Leadership gig, your first few months on the job are critical to your ongoing success in your new role. In the first few months you’ll be judged, tested by your organization and staff, and put on a “stage” to perform in front of your [...]

Gartner Top 10 Security Projects for CISO in 2018

Gartner Top 10 Security Projects for CISO in 2018

CISOs should focus on these ten security projects to reduce risk and make a large impact on the business. The new chief information security officer (CISO) of a global bank is overwhelmed by his list of to dos. He knows he can’t do everything, but struggles to narrow down the endless list of potential security [...]

Healthcare CISOs: Manage infosec risks and safeguard patient safety

Healthcare CISOs: Manage infosec risks and safeguard patient safety

Prominent CISOs from leading health systems and providers throughout the country have come together to establish the Provider Third Party Risk Management Council to develop, recommend and promote a series of practices to manage their information security-related risks in their supply chain and to safeguard patient safety and information. Members of the Council observed their supply chains [...]