INDUSTRY INSIGHTS YOUR PEERS ARE READING
How secure are we? Why do we need more money for security, when we just approved X last year? Chances are, most security and risk leaders have heard these questions, possibly multiple times, from their boards of directors. Are we 100% secure? Boards today are more informed about security risk, with just 15% of directors reporting their boards have very little to no knowledge of cyberrisk, down from 22% in 2015. What it sounds like: Are we 100% secure? MORE
I have recently released a new report looking at the second phase of the Payment Services Directive (PSD2) and its security requirements along with my colleagues Jacob Morgan and Andras Cser. age of the customer banking financial services security & risk MORE
Cloud security breaches consistently make news headlines. The ambiguity that surrounds cloud computing can make securing the enterprise seem daunting. Concerns about security have led some CIOs to limit their organizational use of public cloud services. However, the challenge exists not in the security of the cloud itself, but in the policies and technologies for security and control of the technology. to “Am I using the cloud securely?” MORE
security & risk cybersecurity healthcare Security & RiskHindsight is 20/20; it’s easy to look back on past mistakes and identify ways to prevent them from reoccurring, especially when it comes to breaches reported on the Office of Civil Rights (OCR) “Wall of Shame”. MORE
age of the customer security & risk IAM identity and access Security & Risk Zero TrustIt’s the summertime, and my daughters are home from school. MORE
Besides the security concerns of social media sites potentially mining […]. security & riskAt the start of the new year, a meme called the 10-Year Challenge went viral. MORE
When Amy, the CISO of a healthcare provider, looked at cloud security across the enterprise, she realized the default access control models were creating a variety of access issues. BeWell’s infrastructure as a service (IaaS) providers defaulted to a secure state, allowing only the owner access. We’re now being asked how we’re helping the enterprise realize more value while assessing and managing risk, security and even safety. Security MORE
This should surprise no one, considering the amount of core business assets that are being pushed to the cloud now, as well as the amount that security providers are spending on cloud. The worldwide market for cloud intrusion protection software is projected to grow by $1.8 MORE
I published my first Forrester Wave™ today, covering the managed security services provider (MSSP) market in Europe. MORE
This type of connected employee, while a boon to the organization, can be a nightmare to the chief information security officer (CISO). Secure access service edge, or SASE, supports the need for dynamic secure access,” says Lawrence Orans , Vice President Analyst, Gartner. “It It offers security and network professionals the opportunity to completely rethink and redesign network architectures over the next decade.”. Security MORE
I found some interesting statistics in this RedLock article that illustrate the severity of the cloud security problem: Only 7 percent of businesses have good visibility of all critical data, and 58 percent say they only have slight visibility. MORE
Venture capital and private equity spending on security technology reached an all-time high in 2018. While that total may pale in comparison to other fast-growing markets such as fintech ($124B) or transportation tech ($150B), consider that 65% of that $31B in security has […]. MORE
Meet David Holmes, the new analyst on the Security and Risk team. age of the customer MORE
The focus on Windows security verticals is changing very fast. Traditional security tools might have many challenges with modern technologies based on the cloud. You might need to revamp the digital security strategy. From this post, you will learn high-level details about Microsoft’s digital security strategy. Modern technologies could pose verity of new security challenges […]. Subscribe YouTube Channel [link]. MORE
I’m often taken aback by the lack of granularity when it comes to security identity management. For those of you who don’t deal with security operations, or secops, we can create groups using any number of dimensions or domains. MORE
age of the customer cloud security content security cybersecurity data security endpoint security information security IoT security mobile security network security physical security privacy security & risk MORE
This week, we’re discussing secure configurations, and why they matter. Our friends at the Center for Internet Security (CIS) listed “Secure Configurations” as the No. 5 most important security control on this year’s Top 20 hit list. MORE
Composed of the internet of things, “smart cities,” aimed to optimize operations, present new security and privacy […]. government IoT security physical security security & risk digital transformation IoT Security & Risk MORE
Today we released our 2019 Security & Risk Recommendations report. We collected contributions from our colleagues across the Forrester Security & Risk team to identify the most important actions security leaders should take in 2019. MORE
Microsoft has announced support for macOS in its rebranded Microsoft Defender ATP product, taking this product from being an offering that could be considered an add-on for hardening its own operating system to a multiplatform security solution. MORE
The incident stirred new conversations around cybersecurity and how chief information security officers (CISOs) can combat cyberattacks. . Ahead of Gartner Security and Risk Management Summit in Dubai , Smarter With Gartner reached out to analysts presenting at the event to ask how security and its position in the business has evolved in light of the vehemence of malicious attacks. . Read more: 5 Security Questions Your Board Will Inevitably Ask. Security MORE
Fugue automates enterprise cloud security and compliance enforcement to prevent data breaches, policy violations, and system downtime. Fugue ensures cloud infrastructure stays in continuous compliance with enterprise security policies. MORE
For every 100 security and risk management (SRM) executives, only about a quarter of them are women. The Gartner Gender Diversity in Security and Risk Management Survey explored how gender diversity impacts the ability of an organization to manage its security and risk management objectives. Early exposure to security and risk management disciplines develops more qualified candidates and provides professional support for gender parity. MORE
Unless this is your first day working in cybersecurity, you’ve heard numerous times that we have a hiring crisis — there aren’t enough people to fill the need for security talent. Current projections show that we will have nearly two million job vacancies in the security sector by 2022. Fixing this will require changes to the way we hire, train, and retain security pros. cybersecurity security & risk talent management promoted MORE
cybersecurity information security retention management security & risk staff development & succession management Security & RiskAs an industry, we gripe about hiring and struggle with retention. MORE
Creating simple, practical and pragmatic risk appetite statements enabled this CISO to break down the cultural disconnect that existed between the security team and the different business units. This is one of seven security and risk management trends that Gartner expects to impact CISOs in 2019. 2: There is renewed interest in implementing or maturing security operations centers (SOCs) with a focus on threat detection and response. Security MORE
Cloud security is one of those things that everyone knows they need, but few people understand how to deal with. I The good news is that it’s actually pretty simple, and somewhat similar to security for your enterprise systems. Note that you need to deal with security at the directory level as well, so the directory itself does not become a vulnerability. Security ops. Often overlooked, this is the operational aspect of all of security. MORE
What does this mean for cloud security? · This rapid shift to the cloud raises new issues and challenges for security and risk professionals. Traditional perimeter-based security tools do little to protect cloud workloads. Securing data and applications that reside in the cloud is increasingly critical as more mission-critical apps and high-value data and intellectual property move to the cloud. Cloud Security. cloud access security brokers. MORE
Yet while drones introduce a range of use cases, the growth of drones also represents a new physical threat that demands the attention of security […]. age of the customer security & risk Drones emerging technology Physical Security Security & Risk MORE
When George took over as the CISO of a retail company, IT security was relatively simple. But as the organization has grown — adding online ordering, more employees and a host of cloud-based platforms and technology to support digital business across the organization — so have the security vulnerabilities. Plus, increased attacks and phishing attempts make it difficult to know what security projects to focus on and where to get the most ROI. Project 9: Container security. MORE
The Information Security Profession – Where do I Start? I am often asked by individuals to provide advice or guidance on how to get started in the field of information security. Cyber InfoSec education infosec security awareness tools training MORE
age of the customer security & risk #cyberinfluence #ciso CEO cybersecurity digital business digital strategy Security & Risk small business Zero TrustThis week is BlackHat. The annual Hacker Summer Camp as many folks call it. MORE
I was recently in a very high-cost (around $6K), one-week security course in San Francisco. You can infer the institution. The instructor was dynamic, and the topic was focused on technical hacking. A how-to for breaking into computers, detecting the break-in, etc. At the end of the week there was a little ‘capture the flag’ […]. InfoSec compliance framework NIST PCI MORE
Cyber security is a business necessity, according to the T-Mobile security chief in Poland MORE
Security Related Topics CEB IT
OCTOBER 10, 2019
Cloud security breaches consistently make news headlines. The ambiguity that surrounds cloud computing can make securing the enterprise seem daunting. Concerns about security have led some CIOs to limit their organizational use of public cloud services. However, the challenge exists not in the security of the cloud itself, but in the policies and technologies for security and control of the technology. to “Am I using the cloud securely?”
Forrester IT
JULY 22, 2019
Composed of the internet of things, “smart cities,” aimed to optimize operations, present new security and privacy […]. government IoT security physical security security & risk digital transformation IoT Security & Risk
Forrester IT
JULY 8, 2019
age of the customer cloud security content security cybersecurity data security endpoint security information security IoT security mobile security network security physical security privacy security & risk
Forrester IT
AUGUST 8, 2019
age of the customer security & risk #cyberinfluence #ciso CEO cybersecurity digital business digital strategy Security & Risk small business Zero TrustThis week is BlackHat. The annual Hacker Summer Camp as many folks call it.
David Linthicum
JUNE 25, 2019
I found some interesting statistics in this RedLock article that illustrate the severity of the cloud security problem: Only 7 percent of businesses have good visibility of all critical data, and 58 percent say they only have slight visibility.
Forrester IT
AUGUST 27, 2019
Security and risk pros have the opportunity to shape the future of technology and business in ways we might have only dreamed of two years ago. cybersecurity security & risk zero trust promoted
Forrester IT
MARCH 22, 2019
Microsoft has announced support for macOS in its rebranded Microsoft Defender ATP product, taking this product from being an offering that could be considered an add-on for hardening its own operating system to a multiplatform security solution.
Forrester IT
APRIL 22, 2019
Yet while drones introduce a range of use cases, the growth of drones also represents a new physical threat that demands the attention of security […]. age of the customer security & risk Drones emerging technology Physical Security Security & Risk
Forrester IT
NOVEMBER 19, 2018
I published my first Forrester Wave™ today, covering the managed security services provider (MSSP) market in Europe.
Forrester IT
MARCH 25, 2019
Today we released our 2019 Security & Risk Recommendations report. We collected contributions from our colleagues across the Forrester Security & Risk team to identify the most important actions security leaders should take in 2019.
Forrester IT
AUGUST 1, 2019
security & risk cybersecurity healthcare Security & RiskHindsight is 20/20; it’s easy to look back on past mistakes and identify ways to prevent them from reoccurring, especially when it comes to breaches reported on the Office of Civil Rights (OCR) “Wall of Shame”.
Forrester IT
APRIL 11, 2019
Besides the security concerns of social media sites potentially mining […]. security & riskAt the start of the new year, a meme called the 10-Year Challenge went viral.
Forrester IT
MAY 30, 2019
I have recently released a new report looking at the second phase of the Payment Services Directive (PSD2) and its security requirements along with my colleagues Jacob Morgan and Andras Cser. age of the customer banking financial services security & risk
Forrester IT
JANUARY 14, 2019
Venture capital and private equity spending on security technology reached an all-time high in 2018. While that total may pale in comparison to other fast-growing markets such as fintech ($124B) or transportation tech ($150B), consider that 65% of that $31B in security has […].
CEB IT
SEPTEMBER 28, 2019
The incident stirred new conversations around cybersecurity and how chief information security officers (CISOs) can combat cyberattacks. . Ahead of Gartner Security and Risk Management Summit in Dubai , Smarter With Gartner reached out to analysts presenting at the event to ask how security and its position in the business has evolved in light of the vehemence of malicious attacks. . Read more: 5 Security Questions Your Board Will Inevitably Ask. Security
Forrester IT
JUNE 12, 2019
age of the customer security & risk IAM identity and access Security & Risk Zero TrustIt’s the summertime, and my daughters are home from school.
The Investing Edge
JANUARY 6, 2018
Meltdown and Spectre, dossier drama, and more of the week's top security news. Security
CEB IT
JUNE 18, 2019
When George took over as the CISO of a retail company, IT security was relatively simple. But as the organization has grown — adding online ordering, more employees and a host of cloud-based platforms and technology to support digital business across the organization — so have the security vulnerabilities. Plus, increased attacks and phishing attempts make it difficult to know what security projects to focus on and where to get the most ROI. Project 9: Container security.
CEB IT
JUNE 17, 2019
When Amy, the CISO of a healthcare provider, looked at cloud security across the enterprise, she realized the default access control models were creating a variety of access issues. BeWell’s infrastructure as a service (IaaS) providers defaulted to a secure state, allowing only the owner access. We’re now being asked how we’re helping the enterprise realize more value while assessing and managing risk, security and even safety. Security
David Linthicum
JULY 30, 2019
I’m often taken aback by the lack of granularity when it comes to security identity management. For those of you who don’t deal with security operations, or secops, we can create groups using any number of dimensions or domains.
Anoop
JANUARY 30, 2019
The focus on Windows security verticals is changing very fast. Traditional security tools might have many challenges with modern technologies based on the cloud. You might need to revamp the digital security strategy. From this post, you will learn high-level details about Microsoft’s digital security strategy. Modern technologies could pose verity of new security challenges […]. Subscribe YouTube Channel [link].
David Linthicum
NOVEMBER 16, 2018
Cloud security is one of those things that everyone knows they need, but few people understand how to deal with. I The good news is that it’s actually pretty simple, and somewhat similar to security for your enterprise systems. Note that you need to deal with security at the directory level as well, so the directory itself does not become a vulnerability. Security ops. Often overlooked, this is the operational aspect of all of security.
David Linthicum
AUGUST 13, 2019
This should surprise no one, considering the amount of core business assets that are being pushed to the cloud now, as well as the amount that security providers are spending on cloud. The worldwide market for cloud intrusion protection software is projected to grow by $1.8
Linux Academy
MAY 31, 2019
This week, we’re discussing secure configurations, and why they matter. Our friends at the Center for Internet Security (CIS) listed “Secure Configurations” as the No. 5 most important security control on this year’s Top 20 hit list.
Forrester IT
SEPTEMBER 23, 2019
Meet David Holmes, the new analyst on the Security and Risk team. age of the customer
Doctor Chaos
JANUARY 29, 2018
I was recently in a very high-cost (around $6K), one-week security course in San Francisco. You can infer the institution. The instructor was dynamic, and the topic was focused on technical hacking. A how-to for breaking into computers, detecting the break-in, etc. At the end of the week there was a little ‘capture the flag’ […]. InfoSec compliance framework NIST PCI
Doctor Chaos
JANUARY 1, 2017
The Information Security Profession – Where do I Start? I am often asked by individuals to provide advice or guidance on how to get started in the field of information security. Cyber InfoSec education infosec security awareness tools training
Forrester IT
AUGUST 6, 2019
Unless this is your first day working in cybersecurity, you’ve heard numerous times that we have a hiring crisis — there aren’t enough people to fill the need for security talent. Current projections show that we will have nearly two million job vacancies in the security sector by 2022. Fixing this will require changes to the way we hire, train, and retain security pros. cybersecurity security & risk talent management promoted
CEB IT
NOVEMBER 11, 2019
This type of connected employee, while a boon to the organization, can be a nightmare to the chief information security officer (CISO). Secure access service edge, or SASE, supports the need for dynamic secure access,” says Lawrence Orans , Vice President Analyst, Gartner. “It It offers security and network professionals the opportunity to completely rethink and redesign network architectures over the next decade.”. Security
Computer Weekly
OCTOBER 13, 2017
Cyber security is a business necessity, according to the T-Mobile security chief in Poland
CTOvision
JUNE 13, 2019
Fugue automates enterprise cloud security and compliance enforcement to prevent data breaches, policy violations, and system downtime. Fugue ensures cloud infrastructure stays in continuous compliance with enterprise security policies.
CEB IT
MAY 30, 2019
For every 100 security and risk management (SRM) executives, only about a quarter of them are women. The Gartner Gender Diversity in Security and Risk Management Survey explored how gender diversity impacts the ability of an organization to manage its security and risk management objectives. Early exposure to security and risk management disciplines develops more qualified candidates and provides professional support for gender parity.
Forrester IT
JUNE 8, 2017
What does this mean for cloud security? · This rapid shift to the cloud raises new issues and challenges for security and risk professionals. Traditional perimeter-based security tools do little to protect cloud workloads. Securing data and applications that reside in the cloud is increasingly critical as more mission-critical apps and high-value data and intellectual property move to the cloud. Cloud Security. cloud access security brokers.
CEB IT
AUGUST 18, 2019
How secure are we? Why do we need more money for security, when we just approved X last year? Chances are, most security and risk leaders have heard these questions, possibly multiple times, from their boards of directors. Are we 100% secure? Boards today are more informed about security risk, with just 15% of directors reporting their boards have very little to no knowledge of cyberrisk, down from 22% in 2015. What it sounds like: Are we 100% secure?
CEB IT
JUNE 19, 2019
Creating simple, practical and pragmatic risk appetite statements enabled this CISO to break down the cultural disconnect that existed between the security team and the different business units. This is one of seven security and risk management trends that Gartner expects to impact CISOs in 2019. 2: There is renewed interest in implementing or maturing security operations centers (SOCs) with a focus on threat detection and response. Security
150 
Let's personalize your content