Topic: Cybersecurity Risk Management

From the Summer 2025 Issue

From Detection to Direction: Security Operations Centers (SOCs) as Strategic Assets in Global Risk Management

Author(s):

-Henry J. Sienkiewicz, Faculty, Former CIO, DISA, Georgetown and George Washington Universities

Alessandro Azzaro, Independent Writer,

From Detection to Direction

Once a reactive help desk, the Security Operations Center (SOC) has evolved from dealing with trouble tickets, server logs, and alerts to the nerve center of enterprise resilience. What began as isolated cybersecurity monitoring has evolved into a system integrating physical, digital, and geopolitical threat information in real-time. Today’s SOCs are driven by artificial intelligence … Read more

From the Summer 2023 Issue

Protecting Your Business: Effective Strategies for Mitigating Ransomware Attacks

Author(s):

Dr. Michael C. Redmond, PhD, MBA, ISO Certifications, CEO and Sr. Lead Implementer and Sr. Lead Auditor , Redmond Worldwide

Protecting Your Business

Ransomware attacks are a growing threat to organizations of all sizes, and they can cause considerable damage to both the affected company and its customers. These attacks involve hackers gaining access to an organization’s systems and encrypting important data, then demanding payment in exchange for the decryption key. Ransomware attacks can result in lost data, … Read more

From the Fall 2022 Issue

Putting Risk Back into Cyber Risk Management

Author(s):

Shawn M. Thompson, Founder and CEO, ITMG

Cyber Risk Management

Corporations are faced with the omnipresent threat of security attackers, both external and internal, seeking to steal money or information, disrupt operations, destroy critical infrastructure, or otherwise compromise data-rich institutions. There’s no shortage of money or technological tools being devoted to support cyber risk management, as such threats are high on the agendas of senior … Read more

From the Fall 2022 Issue

Vulnerability Management – Doing IT Right

Author(s):

Sarith Somasundaran Pullanikkat, Security Program Manager, Meta Platforms, Inc.

Vulnerability Management - Fall 2022

Any organization — big or small — with an Internet presence has to deal with malicious actors trying to compromise them. Exploiting open vulnerabilities in systems exposed to the web is one of the most common approaches adversaries use to penetrate an organization. Once they are in, they can use any number of techniques to … Read more

From the Spring 2022 Issue

Getting Offensive With Your Third Parties

Author(s):

Alex Haynes, CISO , IBS Software

ah-sp22 Feature Image

Third-party onboarding today isn’t easy and with the rise in supply chain attacks, the importance of auditing and ensuring your third parties won’t impact your infrastructure from a security perspective remains a burning issue. Many companies still maintain a tick box approach when onboarding or managing third parties and mainly consist of sending out questionnaires … Read more

From the Winter 2022 Issue

Going Beyond the Motion(s) of Cybersecurity

Author(s):

Malcolm Harkins, Chief Security and Trust Officer, Epiphany Systems

Malcolm Harkins - Cyber Risk - Going Beyond the Motion(s) of Cybersecurity

Speed, Velocity, and Acceleration. The physics of motion are well documented, and we understand how these scalar and vector quantities differ. In information security and cyber risk management the dynamics are not as well understood which has confused our ability to distinguish between motion and progress. This confusion intensifies our escalating risk cycle by causing … Read more