Cybersecurity Governance News – 3/18/16
While a new crop of MBAs specializing in cyber security analytics is being trained, current executives still need to protect themselves and their companies. Basic cybersecurity practices are easy to implement, but comprehensive implementation requires a challenging amount of organizational discipline.
ComputerBusinessReview, Mar. 9
The first and most basic step has nothing to do with technology, and is to do with what Knowles calls a “human firewall”. Businesses must make sure employees can recognize what a phishing scam looks like, and if they see something suspicious…
BusinessBecause, Mar. 14
There is a huge shortage of talent. “There will be an increasing number of people who are expected to coordinate cyber security across the organization who aren’t simply sitting in IT — they are general managers…”
DLAPiper, Feb. 11
Compliance metrics are pretty straightforward based on the external contractual and regulatory compliance requirements of the organization. PCI DSS, NIST 800-53—lots of requirements provide great metrics as part of execution…
LinkedIn Pulse, Mar. 9
The SEC, FTC, and the courts made it clear that cybersecurity is a board responsibility. SEC Commissioner Luis Aguilar stated “there can be little doubt that cyber-risk also must be considered as part of board’s overall risk oversight…”
The State of Security, Mar. 3
Hackers spend days, maybe weeks figuring out ways to get onto a network or social engineer a way into a building so they can seed their malware. It would literally take them five minutes in most hospitals across the United States…
InformationSecurityBUZZ, Mar. 11
Once ransomware gets on your computer, usually through an affected email attachment or the all too common Trojan horse attack, it will lock your computer or your data in some way and demand payment in exchange for giving control of your system back to you.