News, trends and insights for cybersecurity in the digital age

NIST updates cybersecurity framework


It’s been a long time coming. The U.S. Commerce Department’s National Institute of Standards and Technology (NIST) recently released version 1.1 of the Framework for Improving Critical Infrastructure Cybersecurity, or affectionatey called the Cybersecurity Framework. The initial framework was created to help organizations that operate critical infrastructure better secure their digital assets. These industries include energy, […]

The SOC is dead — long live the SOC!

Overwhelmed by existing traffic volumes and held back by a shortage of skilled workers, the average Security Operations Center is approaching a state of crisis – and the challenges will only worsen if SOCs don’t evolve. No doubt about it, the SOC’s mission is vital: detect and respond to all threats. Unfortunately, most SOCs today […]

Getting mobile security right: The foundational elements on which to build


As a mobility security architect, I get to research and play with the latest technologies developed for the enterprise. The pace of change is astonishing, to the point that if we are not at the top of our game, technology becomes a destructive force and puts our enterprises at risk. There are many ways to […]

As GDPR deadline looms, readiness lags


The deadline to GDPR (the EU’s General Data Protection Regulation) is now about a month away. Guess what?  One-third of SMBs still aren’t ready to comply, according to Janco Associates. The consultancy reviewed the compliance plans of 200 small and mid-sized businesses and found that 34 percent are not ready to meet GDPR mandates. A […]

OPM provides guidance to address cybersecurity skills gap


It’s hard to find (read: near impossible) an organization that thinks it has all the cybersecurity expertise that it needs. Whether it’s finding good CISOs, cloud security architects, application security experts, or whatever — finding skilled cybersecurity talent is one of the biggest challenges that face technology teams today. Recently, the human resource department of […]

10 predizioni di sicurezza per 2018

La cybersecurity non si sta semplificando. I criminali sono ogni volta più sofisticati. I danni sono sempre peggiori. E gli attacchi stanno diventando più comuni. Nonostante ciò, tanti leader IT e di sicurezza informatica hanno ancora un atteggiamento reattivo. Si tratta di un errore molto serio, perché ora è il momento di essere proattivo. Questi […]

Assicuratori europei: attenzione al GDPR!

Da maggio del 2018, gli assicuratori europei dovranno affrontare nuove norme su come bisogna trattare i dati dei clienti. Fin’ora, nessuno sa veramente quale sarà l’impatto sull’inserimento delle aziende nel mercato; comunque è evidente che il nuovo regolamento aumenterà significativamente le esigenze sulla governance e la responsabilità. Il regolamento generale sulla protezione dei dati (conosciuto […]

Assureurs européens et RGPD : garder le sens des priorités

Dès le mois de mai 2018, les assureurs européens seront confrontés à de nouvelles règles régissant la gestion des données clients. Jusqu’à présent, personne ne sait vraiment quel sera l’impact réel de la nouvelle réglementation sur le fonctionnement de ces entreprises. Cependant, il est assez clair que les règles placeront la barre plus haut concernant […]

Privileged identity management set to rise through 2022


In identity management, privileged accounts pose special risks. These types of accounts generally grant higher levels of access than typical accounts. They provide high levels of access to endpoint operating systems, servers, databases, identity directories, systems management software, and application software among others. When an insider abuses access, or an adversary of the organization manages […]

10 predicciones de seguridad para 2018

La seguridad tecnológica no se está simplificando. El crimen informático se vuelve más sofisticado. Sus daños son cada vez más graves. Y los ataques, cada vez más frecuentes. A pesar de ello, demasiados responsables de TI y seguridad informática siguen en modo reactivo. Ese es un grave error, porque ha llegado el momento de ser […]