In today’s blog, we’ll take a look at the role of vendor assessments in supply chain risk management (SCRM). We’ll also offer some suggestions of where to start if you’re tasked with protecting your organization’s supply chain, your organization at large, or just curious to learn more about this aspect of cyber security. Why Is… Read More
When it comes to cyber threats, the endpoint is often where the action is. In today’s post, we’ll discuss why it’s time to update your endpoint security approach. We’ll also offer some recommendations for how to go about this. Why Antivirus + Perimeter Protection is No Longer Enough For the last 20-plus years, the primary… Read More
In our last blog, we talked about how to encourage cyber security awareness and the importance of having a cyber security training and awareness program for your employees. In this blog, we’ll discuss eight specific ways you can encourage cyber security awareness. Cyber Security for Employees Keeping systems up to date is a given for… Read More
It’s often said that employee training and awareness are a key component to any successful cyber security program. In today’s blog, we’ll explore why this holds true, and how to improve your programs. For the most part, employees know where data is, how it’s used, and how to access it. With rare exceptions, they’ve also… Read More
As a new Chief Information Security Officer (CISO) on the job, there is a sense of immediate urgency to show value and make an impact. Maybe you’re joining an organization that had some major problems before you arrived – a public incident, a challenging personnel situation, an unsatisfactory audit, etc. All eyes are on you,… Read More
Like regular physical exercise, exercising your cyber security muscles can be a good way to keep your information technology (IT) staff in cyber-shape. The purpose of cyber security exercises is to prepare and test a person or group to respond to a specific set of circumstances. Performing cyber security exercises can have some of the… Read More