From the Summer 2021 Issue

A Supply Chain Cybersecurity Maturity Model for 2021

Author(s):

Mike Kelly, CEO, ProcessBolt

Dan Gardner, COO, ProcessBolt

The SolarWinds Sunburst hack made it painfully clear that supply chain cybersecurity threats are extremely dangerous. Perhaps the most alarming fact is that SolarWinds’ stock price dropped 40% in seven days after the breach became public. The price drop was not so much about SolarWinds being hacked. It reflected the anticipated damage to customer relationships … Read more

From the Winter 2021 Issue

What You Don’t Know About Ransomware Can be a Risk

Author(s):

Dr. Michael C. Redmond, Director of Information Security and Risk Management, Redmond Worldwide (Author)

Bradford P. Meisel, Esq., Associate, McElroy, Deutsch, Mulvaney & Carpenter, LLP (Co-author)

Diane D. Reynolds, Partner, McElroy, Deutsch, Mulvaney & Carpenter, LLP (Co-author)

Dr. Bernard A. Jones, CBCP, Assistant Professor, St. John’s University (Co-author)

Syed Taha Ahmed Jafri, Information Security Specialist, First Women Bank (Co-author)

Unfortunately, organizations continue to suffer debilitating impacts on operations due to both natural and human-made threats. One human-made threat, which continues to top the list of risks that organizations fear the most, is cybercrime. Cybercrime comes in many different forms, with ransomware specifically cited as the preeminent threat that impacts organizations worldwide. The severe ransomware … Read more

From the Winter 2021 Issue

Top 5 Characteristics of Successful Insider Risk Management Programs

Author(s):

Shawn M. Thompson, Founder and CEO, ITMG

Corporations are increasingly focusing their efforts on preventing, detecting, and mitigating threats from insiders. As a result, many are mandating the creation of formal insider threat or insider risk management programs. With a dearth of standards on the topic, corporations are largely relegated to a trial-and-error approach. Unfortunately, too many companies forget about the “program” … Read more

From the Winter 2021 Issue

The Quantum Security Risk to your Organization

Author(s):

Jeff Spivey, CRISC, CPP, PSP, Ret. CEO, Security Risk Management, Inc.

Jonathan D. Wright, Captain, USAF (Co-author)

Overall Security Principles: Regarding security, it is important to discuss our approach to risk mitigation. To mitigate risk, we need to focus on building our overall situational awareness. To build situational awareness, we should look at what we know. Building comprehensive knowledge of current and future events provides agile spatial orientation. This, in turn, improves individual … Read more

From the Winter 2021 Issue

Reinventing Web Application Security

Author(s):

Malcolm Harkins, Chief Security and Trust Officer, Cymatic

In the simplest terms, risk connotes the possibility of harm. How we account for risk and manage it is the result of understanding and quantifying the consequences. What are the effects likely to occur in the event of a cyber-attack or breach on a business? Who will be harmed? In what way? To what … Read more