The GDPR impacts all organisations that are established in the EU, or that either offer goods or services to Europeans or monitor the behaviour of Europeans (which applies to most internet-based organisations). All such organisations must make certain they have appropriate technical and organisational measures to...
Third party risk management is imperative today for organizations large and small. Senior executives and Boards of Directors are increasingly asking for updates into their vendor risk management programs and looking for demonstrable progress in reducing third party cyber risk.
While Finance organizations tend to...
This monthly Security Agenda will highlight some of the most recent additions to our course library. September's edition features Ed Amoroso on the evolution of the role of a CISO. Other influencers like Hearst CISO David Hahn, First U.S. CISO, Gen. Gregory Touhill, Retired and Jennings Aske, CISO of New...
In the current security climate, three absolute facts are relevant when it comes to security, an organization cannot prevent all attacks, an organization's network is going to be compromised, and 100 percent security does not exist. With breach all but inevitable, the goal of security is not just about stopping...
Before the Internet, customers who wanted to perform a bank transaction had only one option - a visit to their local branch for a face-to-face transaction. Now, in the "mobile age," customers expect that their bank provide secure and easy access to the full suite of banking services via their mobile device. The...
Organizations today take strong measures to guard against data breaches. With 91% of breaches starting with phishing emails, we find ourselves in an arms race against phishing attackers.
So, are we winning the war or just holding ground?
Download this report to learn the implications of phishing response data...
The attacker ecosystem is evolving rapidly and threat actors are making daring attempts to weaponize new attack types and new combinations of popular techniques. Large, global crises have dominated public discourse and news media and elevated the profile of software exploitation. These stories have, in turn, elevated...
How could attackers trick you, an intelligent professional, into handing over company funds?
They impersonate someone you know and trust.
According to the FBI's latest BEC/EAC alert, businesses worldwide experienced a 2,370% increase in actual and attempted dollar losses from BEC/EAC scams between January 2015...
Phishing, spearphishing, CEO Fraud/Business Email Compromise (BEC) and ransomware represent a group of critical security threats that virtually every organization will encounter at some point - and most already have. The logical evolution of phishing are increasing rapidly and costing organizations hundreds of...
Card issuers can view the merchants with whom a cardholder does business, the frequency of a cardholder's purchases, and the devices and IP addresses associated with that specific card. While this allows them to understand and assess certain patterns of behavior for individual cardholders, it restricts analysis to the...
When cardholder transaction and device data are disconnected, the potential for card issuers to more accurately detect and flag instances of fraud remains untapped. And as the connectivity of information in the real world continues to increase, so will related risks from fraudsters if issuers continue to rely solely...
The perimeter continues to dissolve, and the definition of endpoint is evolving, according to results of the SANS 2016 Endpoint Security Survey, now in its third year. In it, respondents say their organizations continue to connect new and different types of endpoints, including point-of-sale (POS) devices, printers,...
Continuous monitoring (CM) begets a process of continuous improvement that works to reduce attack surface and improve security posture, according to the 2016 SANS survey on CM. In it, 63% of respondents said CM was improving their security posture.
These improvements are occurring even though continuous monitoring...
From custom malware to zero-day exploits, advanced security threats are exploding worldwide - and the sophistication of these attacks is greater than ever.
In addition to being able to detect these vulnerabilities efficiently, organizations also need to take into consideration the broader context, and associate the...
Infirmary Health System is the largest non-government healthcare team in Alabama, treating more than 100,000 patients annually. The organization deployed a security solution to qualify for meaningful use dollars and reduced security incidents significantly.
Download this case study and learn:
Why Infirmary Health...
