Weekly InfoSec Roundup 12/22/17

As the year comes to a close, the InfoSec community looks back on another eventful and action-packed year. We hope you enjoy these informative reviews of 2017 and get ready for the new year with some great articles on how you can be better prepared in 2018.

 

  • The week in security: You’ve just been breached. Do you know what to do?

“Are you prepared for a security breach? Not if you’re among the nearly half of security practitioners and business executives that admit they have no idea what they would do once a breach was discovered.”

Read More

 

  • What are IT professionals guilty of in 2017?

“New Year’s resolutions are funny things. I’d place a strong wager that as 2016 was put to bed and 2017 awoke, a great many IT professionals made promises to themselves regarding their roles, their IT environments, and how they’d make changes to ensure that the organization’s IT infrastructure would run smoother and safer than ever.”

Read More

 

  • How to engage with the C-suite on cyber risk management, part 3

“In this article, we’ll deep dive into some of the metrics associated with our four-step methodology for qualifying threats and prioritizing risk (see details in part 2). The ultimate goal of metrics and controls – and of the entire security organization – is to lower risk to a palatable level for the business.”

Read More

 

 

  • Massive Cloud Leak Exposes Alteryx, Experian, US Census Bureau Data

“A misconfigured Amazon Web Services S3 storage bucket exposed sensitive data on consumers’ financial histories, contact information, and mortgage ownership.”

Read More

 

  • 84 Percent of Healthcare Organizations Don’t Have a Cybersecurity Leader as the Industry Becomes 2018’s Top Target: Black Book Study

“A recent survey conducted by Black Book Research indicated the majority of healthcare provider and payer organizations are not taking cybersecurity seriously enough. Responses included 323 strategic decision makers from the US.”

Read More

 

  • Businesses Fail in Risk Modeling and Management: Report

“Poor risk management leads to a slippery slope of weak prioritization, wasted resources, and unaddressed security issues. Most businesses don’t know how to quantify and manage risk, and their failures lead to repeating the same security problems and facing new, major ones.”

Read More

 

  • 2017 was a dumpster fire of privacy and security screw-ups

“2016 may have killed every famous person we ever cared about, but it was tame compared to the dumpster fire of security screw-ups and privacy violations that 2017 had in store. Here’s our look back.”

Read More

 

  • Best Practices for Building a Successful BRI Program

“Business Risk Intelligence (BRI), as I’ve written previously, is becoming a new industry standard. As someone who’s faced the limitations of cyber threat intelligence (CTI) — BRI’s predecessor — firsthand, I can attest to the immense value to be gleaned from abandoning CTI’s indicator-centric approach in favor of a comprehensive BRI program. But since BRI’s enterprise-wide focus is a relatively new and less-familiar concept, I realize that some organizations might be unsure of how to initiate and maintain a BRI program effectively.”

Read More

 

 

  • Why Network Visibility Is Critical to Removing Security Blind Spots

“There’s an axiom used by security professionals that states: “You can’t secure what you can’t see.” This rather simplistic statement actually has many different meanings when it comes to securing a business because of the rapidly growing number of network blind spots that exist in today’s information technology infrastructure.”

Read More

 

  • Resolve to Mitigate Your Business’ Digital Risk in 2018

“As we look to the New Year many of us make resolutions – getting healthier, learning a new skill, saving money, or making more time for family and friends. With 2018 just around the corner, the challenge now is to stick to that resolution and this is where many of us fail. Often the goal is too broad, or we don’t have a plan for achieving it.”

Read More

 

  • Be a More Effective CISO by Aligning Security to the Business

“These five steps will help you marshal the internal resources you need to reduce risk, break down barriers, and thwart cyber attacks.”

Read More

 

  • Nissan Canada Data Breach: 1.1 Million Customers Notified

“Nissan Canada’s finance business revealed on Thursday that all of its 1.13 million current and former customers may have had their details compromised in a data breach.”

Read More

 

 

  • Here’s How to Develop a Cybersecurity Recovery Plan

“66 percent of organizations would not recover from a cyberattack if it occurred today. Is your organization prepared? Here’s what every CIO and CISO needs to know to start or improve their cybersecurity recovery plan.”

Read More

 

  • CISO Holiday Miracle Wish List

“If CISOs could make a wish to solve a problem, these would be among the top choices.”

Read More

© 2019 BRINQA