NIST CSF Questions from the Road Part 2

How does operationalizing the CSF benefit an organization when it comes to dealing with an attack? There is a lot of interest around the NIST CSF. A recent Rsam survey revealed that 87% of InfoSec leaders said they plan to incorporate NIST CSF into their risk and compliance strategy. A 2017 HIMSS Cybersecurity Survey also ….

Security Orchestration| Cybersecurity| Eric Goldberg| Read more

Here’s What Security Leaders Want from NIST CSF

Recently, Rsam CEO Vivek Shivananda spoke with a diverse and engaged group of information security leaders who came to discuss the NIST CSF framework. The session was moderated by ISMG Media Editor Tom Field. The conversation revealed common challenges and hopes around how NIST CSF can help improve an organization’s security posture. During the conversation, ….

Integrated Risk Management| Security Orchestration| GRC| Eric Goldberg| Read more

What Factors Impact Successful Implementation of NIST CSF?

Many organizations plan to align their risk and compliance program around the National Institute of Standards and Technology Cybersecurity Framework (NIST CSF)? The framework, introduced several years ago, is quickly becoming one of the world’s de facto security standards yet organizations are struggling to implement it. Some of the struggle stems from not having an ….

Integrated Risk Management| Security Orchestration| GRC| Eric Goldberg| Read more

DDoS Detection & Response Rates Not Keeping Up with Spike in Attacks

According to a recent report titled, “Worldwide DDoS Attacks and Cyber Insights” Research Report” (by Neustar), the volume and velocity of DDoS attacks while detection and response times are lagging. More than 1,000 survey respondents across vertical industries participated in the survey. Eight-four percent said their organization suffered a DDoS attack in the last year, ….

Security Orchestration| Eric Goldberg| Read more

Incident Response Reconsidered

Listen to the full interview Rsam’s Timmerman on Why Organizations Need Both Proactive and Reactive Strategies Many security leaders argue over whether their incident response posture needs to be proactive or reactive. But Rsam CISO Bryan Timmerman says it isn’t either or – that organizations need both. Here’s why. “If you’ve got an incident response ….

Security Orchestration| GRC| Eric Goldberg| Read more

This is Not Another Wannacry Blog

Ok. Maybe it’s a little. As cyber-attacks and cyber-terrorism make news daily, we are often treated to the same cyber-security maxims you hear at every keynote address: “Your security program should be proactive not reactive.” Who doesn’t want to be proactive? It sounds good at board meetings and strategic conversations with leadership.  However, the hype ….

Security Orchestration| GRC| Eric Goldberg| Read more


NY State Says New Regulations Could Provide National Cyber Model for Insurance Companies

At the National Association of Insurance Commissioners (NAIC) meeting in Denver this weekend, Maria Vullo, superintendent of the NY State Department of Financial Services, said that other states should adopt NY’s cybersecurity regulations as an example of how insurance companies could protect their organizations from breaches. “We believe the best way for industry to focus ….

Security Orchestration| Vendor Risk Management| GRC| Eric Goldberg| Read more

Security Incident Response Event: Norfolk, VA February 2

A new report released today by MarketIntelReports shows the global incident response market is expected to grow at a CAGR of 12.99% between now 2020. Concerns over data loss continue to plague organizations as scrutiny becomes even more intense.  Often the biggest impediments to addressing incident response begin with internal roadblocks. Rsam is hosting a ….

Security Orchestration| Eric Goldberg| Read more