Topic: Reducing Risk

From the Fall 2016 Issue

LINGERING VULNERABILITIES

Author(s):

Ragu Ragunathan, Principal Cybersecurity Consultant, Web Traits, Inc.

Most organizations depend on a complex set of information systems for their mission-critical functions. The risks to these systems and the information they contain are one of many concerns for management at all levels. For practical, operational reasons, most organizations will often allow for a few vulnerabilities that impact their information systems, with a plan … Read more

From the Fall 2016 Issue

The Cybersecurity Poverty Line

Author(s):

Mike Dombo, Vice President, Sales, Point3 Security, Inc.

In her 2013 RSA presentation, “Living Below the Security Poverty Line: Coping Mechanisms,” Wendy Nather coined the term “Security Poverty Line” to better elaborate on the dismal state of security in organizations’ application development shops.1 There are the haves and the have-nots when it comes to cybersecurity. An organization’s ability to protect itself from attack … Read more

From the Fall 2016 Issue

Elevating Cybersecurity to an Organizational Risk Management Function

Author(s):

Michael Volk, Cybersecurity Specialist, PSA Insurance & Financial Services

The environment of cybersecurity is complex and uncertain, but it is at times framed in the context of a game that is predictable and defined by rules. This approach can lead to an overreliance on advanced cybersecurity tools to predict and prevent incidents. It may also result in placing too much pressure on IT experts … Read more