Vulnerability And Patch Management

[vc_row css=".vc_custom_1452687555475{margin-bottom: 100px !important;}"][vc_column offset="vc_col-lg-9 vc_col-md-9" css=".vc_custom_1452702342137{padding-right: 45px !important;}"][vc_custom_heading source="post_title" use_theme_fonts="yes" el_class="no_stripe"][stm_post_details][vc_column_text css=".vc_custom_1487450619835{margin-bottom: 20px !important;}" el_class="no_stripe"] The purpose of the Vulnerability Assessment policy is to establish controls and processes to help identify vulnerabilities within the firm’s technology infrastructure and information…

3 Essential Components to Build into Your Incident Response Program in 2017

[vc_row css=".vc_custom_1452687555475{margin-bottom: 100px !important;}"][vc_column offset="vc_col-lg-9 vc_col-md-9" css=".vc_custom_1452702342137{padding-right: 45px !important;}"][vc_custom_heading source="post_title" use_theme_fonts="yes" el_class="no_stripe"][stm_post_details][vc_column_text css=".vc_custom_1487449721337{margin-bottom: 20px !important;}" el_class="no_stripe"] In my previous role as a network security architect at a Fortune 500 company, I worked on a team of two. This required us…

Database Architecture And Security

[vc_row css=".vc_custom_1452687555475{margin-bottom: 100px !important;}"][vc_column offset="vc_col-lg-9 vc_col-md-9" css=".vc_custom_1452702342137{padding-right: 45px !important;}"][vc_custom_heading source="post_title" use_theme_fonts="yes" el_class="no_stripe"][stm_post_details][vc_column_text css=".vc_custom_1487449120331{margin-bottom: 20px !important;}" el_class="no_stripe"]   Security Architecture An essential but often missing element in an information security program is a well-defined and complete information security architecture that reflects…

Threat Intelligence: Zero to One

[vc_row css=".vc_custom_1452687555475{margin-bottom: 100px !important;}"][vc_column offset="vc_col-lg-9 vc_col-md-9" css=".vc_custom_1452702342137{padding-right: 45px !important;}"][vc_custom_heading source="post_title" use_theme_fonts="yes" el_class="no_stripe"][stm_post_details][vc_column_text css=".vc_custom_1487437655761{margin-bottom: 20px !important;}" el_class="no_stripe"]   Introduction Today, the biggest gap in the cyber security of organizations is that companies work in isolation while criminals are working in collaboration.…

The role of the CISO, the CIO and the Board

[vc_row css=".vc_custom_1452687555475{margin-bottom: 100px !important;}"][vc_column offset="vc_col-lg-9 vc_col-md-9" css=".vc_custom_1452702342137{padding-right: 45px !important;}"][vc_custom_heading source="post_title" use_theme_fonts="yes" el_class="no_stripe"][stm_post_details][vc_column_text css=".vc_custom_1487434916179{margin-bottom: 20px !important;}" el_class="no_stripe"]   Digital Transformation vs. Organisational Legacy The hybrid role of the CISO Beyond the functional distinctions we analysed in our reporting line article (CISO…

How to Apply Proper Risk Management Methodology on Information Security?

[vc_row css=".vc_custom_1452687555475{margin-bottom: 100px !important;}"][vc_column offset="vc_col-lg-9 vc_col-md-9" css=".vc_custom_1452702342137{padding-right: 45px !important;}"][vc_custom_heading source="post_title" use_theme_fonts="yes" el_class="no_stripe"][stm_post_details][vc_column_text css=".vc_custom_1487433116299{margin-bottom: 20px !important;}" el_class="no_stripe"] How to apply proper risk management methodology on information security? Risk in its negative way might be defined as one undesired consequence that may…

A Letter to the CISO; Talk about Business with your Board, not technicality.

Dear CISO and Board I think we should always consider our job as a part of the business. We finally started to consider cyber security and data protection as a serious issue but now the question is how we evaluate…