Twenty years ago, when enterprise information security was starting to hit its stride, nearly all enterprise security software products were bought as point solutions. They did one job – resist malware, scan for vulnerabilities, encrypt data, detect intrusions, etc. — very well. But over time the number of tools in the security practitioner’s toolbox grew […]
There are many reasons why enterprise security teams struggle to succeed in better managing the risks positioned against their data and business-technology systems. Sometimes these obstacles come from elsewhere within the organization, and sometimes they are self-created. At times it’s a lack of serious executive leadership and understanding behind internal cybersecurity efforts. The security program […]
While it’s long been said that to successfully manage the risks in enterprise security, business leadership — executives, the CEO, up to the board of directors — needs to be engaged with security teams, it’s still not happening. A recent survey from the National Association of Corporate Directors (NACD) found that, while boards want to understand cybersecurity risks, […]