Blogs

Showing Blog Posts: 1–10 of 76 tagged Business

  • There is Such a Thing as Security Return on Investment: Well, Sort of

    by Gib Sorebo on March 1, 2016

    Having spent a fair amount of time with critical infrastructure operators, I’ve gotten used to the groans and eye rolls I receive when I try to explain why they need to spend more money on cybersecurity. Whether it’s to satisfy a compliance requirement or to reduce the risk of a cyber attack by some incalculable amount, the common perception is that we’re getting in the way of a profitable…

  • Breaking Through to Users for Better Security, Inside Out

    by Jack Danahy on February 16, 2016

    In today’s world of big data, some of the most valuable information you can collect is simple insight into the people you’re trying to protect. Your users are all different, and to reach them you need to tailor your messages to address their individual interests, concerns, and needs. That’s where “personas” come in—by developing profiles of various types of users you can learn how to communicate…

  • Think Security Is Expensive? Insecurity Costs Much More

    by Tony Bradley on October 23, 2015

    Security has come a long way over the past decade. It is still the red-headed stepchild of the business units but at least most organizations have some sort of CSO or CISO role in place and do a good job feigning support for security. Businesses that focus on squeaking by spending as little as possible on security, though, are bound to find out the hard way just how expensive a lack of security…

  • Why It Costs More to Protect Your Virtual Infrastructure

    by Tony Bradley on October 19, 2015

    Security incidents are expensive, but not all security incidents are created equally. A recent study found that businesses pay a significant premium for incident response and recovery affecting a virtual infrastructure. Respondents representing more than 5,500 different companies across 25 different countries participated in the survey. The purpose of the survey was to learn more about the cost of…

  • How Much Will That Phishing Trip Cost You?

    by Tony Bradley on September 29, 2015

    Organizations spend a significant amount of money on security tools. All of the firewalls and antimalware solutions in the world, though, offer little protection against a phishing attack that tricks an authorized user into downloading malicious software or compromising credentials. Phishing attacks are becoming more effective and more costly as time goes on. The Ponemon Institute recently…

  • You Can’t Squeeze Blood From a Turnip

    by Tony Bradley on September 23, 2015

    You’ve probably heard the phrase “You can’t squeeze blood from a turnip,” before. The point is that no amount of begging, coercing, pushing, or otherwise coaxing something can yield results if those results simply aren’t possible. Many organizations, however, hand a proverbial turnip to the CISO and expect blood in return. Executive management or the company board have expectations for the CISO. …

  • What Do Companies Expect From a CISO?

    by Tony Bradley on September 15, 2015

    The role of CISO is an important one. It must be. It has Chief right in the title. The question, though, is what exactly does a company expect a CISO to do? You can’t meet or manage expectations if you don’t know what they are, and there’s a good chance you won’t keep your CISO job very long if you can’t meet expectations. A CISO is responsible for securing and protecting information assets but…

  • Taking Responsibility for Information Security

    by Tony Bradley on September 9, 2015

    It’s impossible for any one person to manage every aspect of securing the network, endpoints and data of an entire organization. The top of the security chain of command in most cases is the Chief Information Security Officer, though, so ultimately that responsibility falls on the shoulders of the CISO. Security is everyone’s job. Each and every employee within a company has to have some basic…

  • Criminals Use CEO Emails to Target Companies

    by RSAC Contributor on September 3, 2015

    That email from the CEO in your inbox may not be real. Stop and pick up the phone to make sure it's legitimate before you take action. The FBI said cybercriminals stole nearly $750 million from more than 7,000 companies in the United States between October 2013 and August 2015. When you include international victims, total losses from business-to-email attacks exceed $1.2 billion. Attackers, …

  • Five Ways Security Metrics Do More Harm Than Good

    by Tony Bradley on August 31, 2015

    There is no shortage of data out there. Virtually everything with a power source is logging events and churning out data almost constantly—including all of your security tools. That data—your security metrics—can uncover valuable truths about your security posture if used and analyzed properly, but it can also be very misleading or completely useless. Aaron Levenstein is credited with this little …

This document was retrieved from http://www.rsaconference.com/blogs on Fri, 27 May 2016 04:28:56 -0400.
© 2016 EMC Corporation. All rights reserved.