Showing Blog Posts: 1–10 of 13 tagged Security Strategy

  • Companies Must Develop More Precise Cybersecurity Road Maps and Strategies

    by Robert Ackerman Jr. on April 19, 2019

    Given all the years that companies and federal and state governments have been investing aggressively to improve cybersecurity, you might think by now they would have a well-executed cyber architecture and security strategies firmly in place. The sad fact, however, is that many organizations have yet to accomplish this -- or they have temporarily but subsequently fail to keep pace with change and…

  • Cloud Security Architectures: Lifting the Fog from the Cloud

    by Salvatore J. Stolfo on April 17, 2019

    A growing body of technical knowledge has been codified and broadly taught to computer science students on how to properly architect a large-scale application or system to meet functional and performance goals. A similar body of security engineering knowledge needs to be developed to architect a corresponding security architecture. A fundamental principle of this knowledge body should be to…

  • Effective Steps to Reduce Third-Party Risk

    by Phil Won on April 2, 2019

    To start rolling out your third-party risk mitigation strategy, let’s begin by taking a step back to the definition of what risk actually is and ask which assets are most valuable in your organization, and what is the potential fallout if they are compromised? Taking stock of your internal assets may be a simpler exercise than attempting to account for each and every third-party connection out of…

  • Cybersecurity Strategies that Won’t Break the Bank

    by David Bradbury on November 28, 2017

    Throughout my career, I have seen first-hand the real world impacts that a breach in cyber security can have on customers, businesses and communities. With cyberattacks growing in number and sophistication, today security is a requirement of "doing business", however, many companies and organizations lack the knowledge and resources to secure their platforms, products and solutions. For example, …

  • Does Your Cybersecurity Strategy Include Jedi Knights and Imperials?

    by Dave Lewis on November 21, 2017

    What makes for a good cyber security strategy? There are all sorts of directions we could take this discussion. For instance, do you handle security issues in a reactive or proactive manner? Do you become unnecessarily preoccupied by the possible threat posed by the sharks in the ocean? Or better still, on how you will deal with all of the potential eventualities that could spring forth from that…

  • The Best Cybersecurity Programs Put Employee Training First

    by Robert Ackerman Jr. on November 14, 2017

    Timely advice about creating a worthwhile corporate cybersecurity strategy sagely starts today by realizing that establishing firewalls and relying on the IT department to monitor attacks isn’t sufficient. Reactive strategies break down over time, making proactive strategies crucial. Further, defensive strategies work only within centralized, controlled and managed-device networks – all now…

  • Don’t Be a Spreadsheet Junkie

    by Humphrey Christian on November 8, 2017

    Let’s face it. Most of us have some sort of dependence on Excel and PowerPoint. They serve as our centerpiece for aggregating data and building corporate presentations. However, when it comes to cyber security, neither one should be involved. They slow down the process, leave too much leeway for data “massaging” and create inconsistencies up, down and across the organization. Yet surprisingly, at…

  • Building the Right Security Budget

    by Todd Inskeep on September 13, 2017

    September, and Fall, signal the harvest for farmers, and for CISOs. The project seeds that were planted earlier in the year are getting implemented and showing results. This is also the time when planning starts for next year. In farming terms: what crops and seeds are needed; where do you fertilize; and which fields need rotating? For CISOs the planning and budget process often starts and stops…

  • Ben's Book of the Month: Review of "Building a Corporate Culture of Security: Strategies for Strengthening Organizational Resiliency"

    by Ben Rothke on July 31, 2017

    This month’s book of the month theme is security strategy & operations. Without a strategy and effective operations; there is no information security. The Major League Baseball All-Star game is somewhat of an oddity. You take all of the best players, and have them play together for one night. For the rest of the season, what often separate a winning team from a losing one, is the ability of not…

  • Operationalizing Cybersecurity

    by Tom Conkle on July 27, 2017

    Operationalizing, or implementing, cybersecurity is an ongoing effort that continually evolves and grows. Just like organizations can’t achieve safety; they cannot achieve cybersecurity. Therefore, having a well-defined organizational cybersecurity strategy is essential in keeping organizational security goals in mind. Board members are becoming increasingly aware of the requirements to implement…

View All


Are you interested in contributing to the RSA Conference blog? Download our 2019 Editorial Calendar for more info. 

This document was retrieved from on Sun, 18 Aug 2019 15:49:27 -0400.