Vulnerability And Patch Management

The purpose of the Vulnerability Assessment policy is to establish controls and processes to help identify vulnerabilities within the firm’s technology infrastructure and information…

3 Essential Components to Build into Your Incident Response Program in 2017

In my previous role as a network security architect at a Fortune 500 company, I worked on a team of two. This required us…

Database Architecture And Security

Security Architecture: An essential but often missing element in an information security program is a well-defined and complete information security architecture that reflects the business decisions and the information security policy decisions of the organization. In many cases, the security…

Threat Intelligence: Zero to One

Introduction: Today, the biggest gap in the cyber security of organizations is that companies work in isolation while criminals are working in collaboration. This is exactly the reason for the sudden rise of the new domain in cyber security what…

The role of the CISO, the CIO and the Board

Digital Transformation vs. Organisational Legacy. The hybrid role of the CISO: Beyond the functional distinctions we analysed in our reporting line article (CISO as a Figurehead / CISO as a Fire Fighter / CISO as a Change Agent), we need…

How to Apply Proper Risk Management Methodology on Information Security?

Risk, in its negative sense, might be defined as an undesired consequence that may or may not occur as a result of a specific outcome we want to achieve. In short, it…

A Letter to the CISO; Talk about Business with your Board, not technicality.

Dear CISO and Board, I think we should always consider our job as a part of the business. We finally started to consider cyber security and data protection as a serious issue but now the question is how we evaluate…