There are four typical evolutionary maturity levels for cybersecurity programs. The benefits and drawbacks of each phase creates a natural tension that pulls organizations forward to become better at managing risks, costs, and the friction that accom
Where should a CISO report into within an organization? No common standard exists as we can find them operating under many different organizations, including IT, Legal, the CTO, and CEO just to name a few.
In today’s video, I break down some of the
Today enterprises live in a world where natural or man made disasters can crumble a business to its knees. It is therefore critically important for these enterprises to recognise the fact that disasters are real and happen and it is essential they ha
WHY APPSEC (APPLICATION SECURITY) WON’T ALWAYS BAIL YOU OUT OF APPLICATION BASED RISKS?
It is very typical of organizations to perform Web Application (WebApp) Security Assessments before the go-live of newer applications or periodic assessments of th
Top steps during the Implementation of a DRM project-Points to consider for the implementation of a project:
How to Say “NO”
Why did I say, “Yes” when I really wanted to say No? You ‘d probably be asking this question every time you agree to another task. Even though you do not have time or resources to do something but you commit to another one. For example
Vulnerability Management System was implemented as a practice within the Organization across the Global Business Unit (India, Middle East & Africa). The implementation included Vulnerability Assessment and Remediation. The assessment is made based o
Achieved Solution Benefits
To mitigate risk
Technical Skills:
Major Areas Of Focus:
( Read More: CISO Platform Top IT Security Influencers (Part 1) )
Conceptual (Understand How-It-Works):
It is very important to properly define the right Information Security Metrics for an organization to estimate the security structure and to communicate it efficiently to the Board level executives.There is a growing interest from the Board and the C
Identity Access Management (IAM) is a set of business policies, framework and processes which ensures the right person has access to the right asset/resources. Identity Access Management solutions can deliver intangible benefits that are revenue incr
Technology comes with a cost. The cost, one could never have imagined if not properly implemented. Enterprise Mobility Management (EMM) solution at place boosts the productivity, enhances mobile security, and provides easy access to corporate content
We believe, isn't a single technology/solution but is a complex program which consists of people, process and technology. Sandboxing or any single technology can only provide partial protection against “real” advanced attacks. We suggest organizat
Log management is one of the primary requirements for building an enterprise class SOC. In security, Log analysis is often the first step in incident forensics. Operating systems such as windows, Unix, Linux and other network devices such as routers,
In the fast moving world of cyber security incident response, the challenge is to rapidly identify and stay ahead of the threat. Incident responders must move faster, be more agile, have longer stamina than the attacker. Additionally they must also b
These are top 5 FREE tools you should consider while building your Enterprise Mobility Management:
Convertigo:
It is a privately held company recognized as a “pure player” in the enterprise Mobility market and the first software vendor to distribute i
IEEE MACSec and NSA ESS: How to Protect Your WAN, LAN and Cloud (RSA Conference 2017)
In this technical deep dive, Email Isaakian will explain the details of the protocol, cryptography, key management and vulnerabilities mitigated by MAC Sec/ESS. Add
There are four phases in Cyber Crisis Management, namely Detection, Response, Containment & Recovery. Here is a glimpse of the four phases.
>>Get the Complete Report on Crisis Management Plan (Banking Industry)
Detection Phase:
Input to
Author - Anil Upadhyay, DM - ITGS, ITSD, Gujarat Gas Limited
We have listed a Key Parameter are required for Security Incident and Event Management and The Framework was attached at the end.
Major Parameters To Consider :
Ability to identify non
