[vc_row css=".vc_custom_1452687555475{margin-bottom: 100px !important;}"][vc_column offset="vc_col-lg-9 vc_col-md-9" css=".vc_custom_1452702342137{padding-right: 45px !important;}"][vc_custom_heading source="post_title" use_theme_fonts="yes" el_class="no_stripe"][stm_post_details][vc_column_text css=".vc_custom_1487450619835{margin-bottom: 20px !important;}" el_class="no_stripe"] The purpose of the Vulnerability Assessment policy is to establish controls and processes to help identify vulnerabilities within the firm’s technology infrastructure and information…

How to apply proper risk management methodology on information security? Risk in its negative way might be defined as one undesired consequence that may or may not occur, as  a result of specific outcome we want to achieve. Shortly, it…

Dear CISO and Board I think we should always consider our job as a part of the business. We finally started to consider cyber security and data protection as a serious issue but now the question is how we evaluate…

Today’s digital frontier can be very much likened to the old days of the Wild West. In this present era identified by the ubiquitous nature of the Internet, cybercriminals are calling the shots; constantly blazing new trails in increasing sophistication…

The Cyber Security Threat Landscape Unless you have been living under a rock for the last few years you most certainly have been struck in awe by the overwhelming impact of cyber security breaches in major organizations making the headline…

Are you waiting for something bad, or going somewhere good? A CEO asked me that once. It is one of those deep questions that more information security people need to ask themselves. In the world of cybersecurity, the conventional thinking…

To illustrate this concept, I have created what I like to call the Pyramid of Pain.  This simple diagram shows the relationship between the types of indicators you might use to detect an adversary's activities and how much pain it will cause…