Where should a CISO report into within an organization? No common standard exists as we can find them operating under many different organizations, including IT, Legal, the CTO, and CEO just to name a few.
In today’s video, I break down some of the
management (35)
Today enterprises live in a world where natural or man made disasters can crumble a business to its knees. It is therefore critically important for these enterprises to recognise the fact that disasters are real and happen and it is essential they ha
WHY APPSEC (APPLICATION SECURITY) WON’T ALWAYS BAIL YOU OUT OF APPLICATION BASED RISKS?
It is very typical of organizations to perform Web Application (WebApp) Security Assessments before the go-live of newer applications or periodic assessments of th
Top steps during the Implementation of a DRM project-Points to consider for the implementation of a project:
- Ensure the security and document management with centralized storage. Design using open source architecture, as much as possible
- Search of
How to Say “NO”
Why did I say, “Yes” when I really wanted to say No? You ‘d probably be asking this question every time you agree to another task. Even though you do not have time or resources to do something but you commit to another one. For example
Vulnerability Management System was implemented as a practice within the Organization across the Global Business Unit (India, Middle East & Africa). The implementation included Vulnerability Assessment and Remediation. The assessment is made based o
Achieved Solution Benefits
To mitigate risk
- Prevent access breaches through privileged accounts
- Monitor activities carried out by privileged users
- Enforce accountability for use of generic privileged accounts
- Enforce granular access restrictions as
Technical Skills:
Major Areas Of Focus:
- Incident Response
- Computer Forensics
- Network Security
- Secure Architecture
( Read More: CISO Platform Top IT Security Influencers (Part 1) )
Conceptual (Understand How-It-Works):
- Fundamental security conce
It is very important to properly define the right Information Security Metrics for an organization to estimate the security structure and to communicate it efficiently to the Board level executives.There is a growing interest from the Board and the C
Identity Access Management (IAM) is a set of business policies, framework and processes which ensures the right person has access to the right asset/resources. Identity Access Management solutions can deliver intangible benefits that are revenue incr
Technology comes with a cost. The cost, one could never have imagined if not properly implemented. Enterprise Mobility Management (EMM) solution at place boosts the productivity, enhances mobile security, and provides easy access to corporate content
We believe, isn't a single technology/solution but is a complex program which consists of people, process and technology. Sandboxing or any single technology can only provide partial protection against “real” advanced attacks. We suggest organizat
Log management is one of the primary requirements for building an enterprise class SOC. In security, Log analysis is often the first step in incident forensics. Operating systems such as windows, Unix, Linux and other network devices such as routers,
In the fast moving world of cyber security incident response, the challenge is to rapidly identify and stay ahead of the threat. Incident responders must move faster, be more agile, have longer stamina than the attacker. Additionally they must also b
These are top 5 FREE tools you should consider while building your Enterprise Mobility Management:
Convertigo:
It is a privately held company recognized as a “pure player” in the enterprise Mobility market and the first software vendor to distribute i
IEEE MACSec and NSA ESS: How to Protect Your WAN, LAN and Cloud (RSA Conference 2017)
In this technical deep dive, Email Isaakian will explain the details of the protocol, cryptography, key management and vulnerabilities mitigated by MAC Sec/ESS. Add
There are four phases in Cyber Crisis Management, namely Detection, Response, Containment & Recovery. Here is a glimpse of the four phases.
>>Get the Complete Report on Crisis Management Plan (Banking Industry)
Detection Phase:
Input to
Author - Anil Upadhyay, DM - ITGS, ITSD, Gujarat Gas Limited
We have listed a Key Parameter are required for Security Incident and Event Management and The Framework was attached at the end.
Major Parameters To Consider :
Ability to identify non
This article highlights the Threat Management Process in Incident Response and brings in the understanding of the Kill chain model. Excerpts have been taken from a session presented at SACON - The Security Architecture Conference. You can view the fu
Our editorial team has handpicked the best of the best talks at RSA Conference - one of the largest IT Security Conference in the world. Following is the list of top talks on Identity & Access Management at RSA Conference USA 2018.
RSA Conference he
Fireside Chat - Lessons Learnt From The Solarwinds Attack
- Description: Meet Sudhakar Ramakrishna, CEO of @SolarWinds to discuss ‘Lessons Learnt From The SolarWinds Attack’.
The ‘SolarWinds hack’, a cyberattack recently discovered in the United States, has emerged as one of the biggest ever targeted against the US government, its agencies and several other private companies.
Here’s an exclusive live chat with the CEO to understand what went wrong, what to prevent and lessons learnt. Join us in the live session (Limited Seats)… - Created by: pritha
- Tags: solarwindshack, ceo
