Late last year, Marriott announced a data breach that affected nearly half a billion of its customers. What started as a small breach four years ago should have been the stimulus to uncovering existing vulnerabilities, evaluating processes, and improving cybersecurity for the future.
Is Cybersecurity One Word or Two? When you submit your NIST Cyber Security Framework roadmap, What is cybersecurity preferred spelling.
How does operationalizing the CSF benefit an organization when it comes to dealing with an attack? There is a lot of interest around the NIST CSF. A recent Rsam survey revealed that 87% of InfoSec leaders said they plan to incorporate NIST CSF into their risk and compliance strategy. A 2017 HIMSS Cybersecurity Survey also ….
Recently, Rsam CEO Vivek Shivananda spoke with a diverse and engaged group of information security leaders who came to discuss the NIST CSF framework. The session was moderated by ISMG Media Editor Tom Field. The conversation revealed common challenges and hopes around how NIST CSF can help improve an organization’s security posture. During the conversation, ….
Many organizations plan to align their risk and compliance program around the National Institute of Standards and Technology Cybersecurity Framework (NIST CSF). The framework, introduced several years ago, is quickly becoming one of the world’s de facto security standards, yet organizations are struggling to implement it. Some of the struggle stems from not having an ….
According to a recent report titled “Worldwide DDoS Attacks and Cyber Insights Research Report” (by Neustar), the volume and velocity of DDoS attacks are increasing while detection and response times are lagging. More than 1,000 survey respondents across vertical industries participated in the survey. Eighty-four percent said their organization suffered a DDoS attack in the last year, ….
Rsam’s Timmerman on Why Organizations Need Both Proactive and Reactive Strategies. Many security leaders argue over whether their incident response posture needs to be proactive or reactive. But Rsam CISO Bryan Timmerman says it isn’t either/or – that organizations need both. Here’s why. “If you’ve got an incident response ….
Ok. Maybe it’s a little. As cyber-attacks and cyber-terrorism make news daily, we are often treated to the same cyber-security maxims you hear at every keynote address: “Your security program should be proactive not reactive.” Who doesn’t want to be proactive? It sounds good at board meetings and strategic conversations with leadership. However, the hype ….
Just three weeks after the effective date of the new NY State Cybersecurity regulations, New York Attorney General Eric T. Schneiderman announced that his office received a record number of data breach notices in 2016. The close to 1,300 reported data breaches in 2016 represented a 60 percent increase over the previous year; ….
At the National Association of Insurance Commissioners (NAIC) meeting in Denver this weekend, Maria Vullo, superintendent of the NY State Department of Financial Services, said that other states should adopt NY’s cybersecurity regulations as an example of how insurance companies could protect their organizations from breaches. “We believe the best way for industry to focus ….