All Articles

These are some common topics when we talk about CISOs role in an organization

As per my view CISO position is making a comeback, but if not placed right…… it can be just a position in any organization. I believe CISO should directly report to either t

Identity Access Management (IAM) is a set of business policies, framework and processes which ensures the right person has access to the right asset/resources. Identity Access Management solutions can deliver intangible benefits that are revenue incr

This is about developing information security master plan, the concept is the fact that when you develop a plan you begin by starting risk assessment, not a risk assessment from security stand point but from a business standpoint. You go through that

Background:
It has been suggested that any new development will include less than 1% original code. If this isn’t presently true, it will likely be as time progresses.

With any security program, the goal is to identify the vulnerabilities, the relate

• We have completed our selection of the final list of Top Indian Cyber Security Vendors to look out for in 2018 from all the vendors nationwide. Believe me this was not easy & we don’t claim this is exhaustive list as it probably will never be. But s

• Looking for Top Emerging Companies in the Cyber Security Industry?  FireCompass presents 50 Emerging Cyber Security Vendors to look out for in 2018. We don’t claim this is exhaustive list because there might be a possibility that we might have misse

• We are here, once again, with our list of Top 20 Emerging IT Security Vendors from 500+ vendors attending RSAC 2018, April 16 to 20 in San Francisco.
• BTW, We have also created a RSAC 1-Minute Itinerary tool for the ease of attendees, through which y

A Next-Generation Firewall (NGFW) is an integrated network platform that combines a traditional firewall with application specific granular controls to help them detect application specific attacks. They help detect attacks through application specif

Here we will explore the Shadow IT Risks for OT Departments. Operations Technology groups can be an integral part of important business functions like production, maintenance and more. This means there are a lot of IT related functions which can be

Third-Party risks are more as the Third-Party breaches continue to dominate and these breaches are expensive to organizations. Third-parties are those companies that you directly work with such as data management companies, law firms, e-mail provide

Many organizations have hundreds of vendors and Third-Party risk exposure is one of the biggest threats. Most organizations depend upon partners, vendors, suppliers, contractors and other third parties for day-to-day operations. Each of them present

Here is a small list of the major policies and best practices to manage Shadow IT

Policies To Have

1.Have A Shadow IT Policy

Create a policy document that takes care of the major areas of Shadow IT Management. This will make sure all company assets

At CISO Platform Annual Summit 2020, we had a panel discussion on the topic of Third Party Risk Management: Checklists, Frameworks & Tools, including industry stalwart like Sunil Varkey [HSBC] (Moderator), N D Kundu [Bank of Baroda], Jitendra Chauhan

The Coronavirus pandemic is changing how people receive healthcare with a shift to more remote diagnosis options being rolled out as a first line of care.  The advantages are many, but as an unfortunate result, healthcare data breaches will begin to

Third party vendors and suppliers often have access to your network and your organisation's confidential information. The best way to prevent a data breach is to have robust program to assess how your third parties are managing their risk and protect

Counting down to the absolutely worst cybersecurity strategies. Sadly, these are all prevalent in the industry. Many organizations have failed spectacularly simply because they chose to follow a long-term path that leads to disaster. You know who you

What should a CISO do when the executive leadership chooses to ignore critical cyber risks? 

If the C-Suite and board are well informed of imperative vulnerabilities and yet choose a path to ignore security, the CISO is put in a position where they ar

Intangibles now account for 90% of the S&P’s total assets and it is no accident that the core of cybersecurity has evolved to protect those aspects of the business.  It is a natural progression for security to align with protecting the most important