risk assessment
The CrowdStrike Outage and Market-Driven Brittleness
Friday’s massive internet outage, caused by a mid-sized tech company called CrowdStrike, disrupted major airlines, hospitals, and banks. Nearly 7,000 flights were canceled. It took down 911 systems and factories, courthouses, and ...
Four Steps to Integrate Zero-Trust
So, how do you know who to trust in your company when it comes to protecting your most sensitive data? The answer: No one ...
Balbix Ties CIS Benchmarks to Cybersecurity Risk Quantification
Balbix makes it simpler for organizations to determine the degree to which their assets are outside the scope of best practices recommended by a CIS assessment ...
Safe Security Buys RiskLens to Advance Cybersecurity Risk Management
Safe Security acquired RiskLens, a pioneer in the development of the Factor Analysis of Information Risk (FAIR) quantification standard for assessing cybersecurity risk ...
On the Catastrophic Risk of AI
Earlier this week, I signed on to a short group statement, coordinated by the Center for AI Safety: Mitigating the risk of extinction from AI should be a global priority alongside other ...
Balancing the CIA Triad: Addressing Trade-offs and Conflicting Priorities
CIA: These letters are often associated with the formidable United States spy agency. However, in cybersecurity, CIA refers to a triad of concepts that serve as the core building blocks in establishing ...
Are You (Really) Ready and Resilient? Part II
In last week’s discussion around readiness and resilience, I introduced the concept of what it means to have “threat-informed” cybersecurity. This week, I want to show you what that looks like in ...
Large Organizations, High-Security Risks: The Expanding Attack Surface in the Digital Age
Introduction: “The larger the organization, the more complex and diverse its attack surface becomes, requiring a comprehensive and proactive security strategy to mitigate the risks.” In the current digital era, businesses of ...
Silos Are the Enemy of Managing Security Risks, Keeping People Safe
This article was originally featured on SecurityInfoWatch.com. This has been a watershed year for security. Hundreds of mass shootings across the United States, brutal attacks on public officials, and an increasingly complex threat landscape ...
Penetration Testing – Protecting your assets from cyber threats.
Introduction: Pen testing is seen as a proactive cybersecurity measure because it calls for ongoing, self-initiated modifications depending on the test’s results. This is distinct from nonproactive strategies, which don’t address problems ...