2019 Cloud Security Report
The 2019 Cloud Security Report highlights what is and what is not working for operational teams securing their cloud data, systems, and services. The report includes the latest cloud security trends and data points to help you benchmark how your own organization is doing. It also has insights into cloud security threats, organizational investment priorities, and solutions.
How to Overcome Cloud Misconfigurations
Organizations of all sizes find it challenging to implement security controls across their various cloud environments. In this white paper, we discuss configuration risk factors for cloud infrastructure, SaaS, and DevOps, and how to identify and prioritize them.
Understanding The Challenges of Cloud Monitoring and Security
While cloud providers offer many security measures, organizations are ultimately responsible for securing their own data, their own applications, and their own services in the cloud. We discuss how companies are adapting to new cloud security challenges and the important considerations they need to make before choosing a cloud monitoring solution.
Cloud Data Breaches: How They Happen and How to Avoid Them
The cloud movement is rapidly transforming today’s business landscape, and most organizations now manage environments in a combination of on-premise, cloud infrastructure, and software-as-a-service (SaaS) models. Not surprisingly, this has led to an increasing number of security incidents and data breaches. In this white paper, we’ll look at some of the biggest cloud breaches in recent history, how they happened, and how you can avoid making similar mistakes.
An Office 365 Security Blueprint for Midsized Organizations
Moving to Microsoft Office 365 is often the first step that midsized organizations take when migrating sensitive business activities to the cloud. Without careful consideration and planning, adopting Office 365 can complicate security and compliance efforts. In this white paper we offer a practical guide to security for Office 365.
Best Practices: Incident Response and Business Continuity Programs
In most organizations, cyber security incident response and business continuity or disaster recovery are still considered as separate functions and distinct disciplines.
These disciplines share the common goals of protecting the organization’s reputation and ensuring continuity of operations. Therefore, it makes sense to integrate them so you can respond to attacks and data breaches faster, efficiently, and effectively. Here are some best practices to follow.
10 Tips for Selecting an MSSP
Most businesses have trouble keeping up with today’s constant barrage of cyber threats. Many are turning to MSSPs (managed security services providers) to protect their networks cost-effectively and reliably. But choosing an MSSP requires thought and research. Not all offer the same levels of protection, so you should focus your search on a provider with a solid track record and reputation. Here are 10 best practices to follow when selecting an MSSP.
10 Steps for Establishing an Effective Insider Threat Program
Insider threats continue to be a significant concern for organizations. New research conducted by Crowd Research Partners, in co-ordination with Cybersecurity Insiders and the LinkedIn Information Security Group, reveals that 90 percent of organizations feel vulnerable to insider threats, while 73 percent of security professionals say insider attacks against their organizations have remained the same or have increased over the last 12 months.
Part of the problem is that most organizations still don’t have the proper controls or processes in place to fight off the insider threat surge. We will walk you through 10 Essential Steps you need to take to implement tangible processes, policies, and frameworks that are repeatable and sustainable, to go beyond a plan that’s on paper only.
Threats to Client Confidentiality in a Digital Legal World
Cyber Due Diligence
Can Your Security Team Handle a Breach?
Hacker Secrets Revealed
The technical objective of security assessments is to emulate an outside adversary to get access into an internal network, escalate privileges, and obtain sensitive information. The intent is not to find every single vulnerability in the way that a vulnerability scan might do, but rather to find some of the vulnerabilities that exist, and attempt to exploit those.
Top 10 Cyber Incident Pain Points: Are You Prepared?
Cyber Compliance Primer for Healthcare
A well-designed and purposefully managed cyber security program that emphasizes basic data-protection hygiene with appropriate investments in suitable technologies and supporting services will allow most small-tomedium-sized healthcare enterprises to create and maintain an effective security posture.
What You Need to Know About Ransomware & HIPAA Compliance
There is no more hedging on whether ransomware incidents should be identified and treated the same way as other data breaches under the Health Insurance Portability and Accountability Act (HIPAA). The United States Department of Health and Human Services Office for Civil Rights (OCR) has stated that ransomware attacks constitute a breach unless there is substantial evidence to the contrary.
Preparing For Cyber Risks To Healthcare Operations
Cyber Security and the Grid: The Definitive Guide
The goal of this white paper is to provide a deeper understanding of the role of the grid in our critical infrastructure paradigm; the current grid regulatory scheme; and the technical and non-technical cyber threats facing the grid, including legal liability for operators.
The Evolution of Cyber Threat Hunting
By adopting the durable, flexible, and holistic definition of hunt as a capability to detect threats steady-state security teams missed, organizations gain direct and indirect benefits. In this white paper, we discuss how hunt should not only be interpreted but how hunt can be implemented. In turn, we’ll also reveal the true value that threat hunting represents for stakeholders and steady-state security teams.
Cyber Security and The Board of Directors
Recent high-profile, high-impact cyber breaches at some of the largest companies in the U.S. have highlighted the fact that boards of directors need to take an active role in the management of cyber risk. This white paper offers the Delta Risk perspective on how boards, particularly those of financial services firms, should engage in managing cyber security risks, particularly in four key areas.