Of all the areas under his direction - business continuity, GRC, data governance - third-party risk is the most challenging, says Peter Gregory, senior director of cyber GRC at GCI General Communications Inc. "Their breach is my breach," he says, offering mitigation advice.
As an international bank, Barclays needed to invest more in its information security training in order to minimize risk and ensure business continuity. The goal was learn and teach the modern way to minimize a security breach posed by the latest advanced threats.
Cyber sieges immerse teams in real-world cyberattack...
The cybersecurity sector has made strides in growing its workforce and improving diversity. But significant hurdles remain, and Clar Rosso, CEO of (ISC)², says the keys to clearing them include training and refining current hiring practices.
A recent study showed that even though 82% of cybersecurity professionals are familiar with the MITRE ATT&CK framework, only 8% said they used it regularly. This led to development of the new MITRE ATT&CK Defender training and certification. Rick Gordon of MITRE Engenuity explains.
CIO. Consulting CISO. Mentor. Activist on behalf of recruiting more women for cybersecurity and leadership. Jo Stewart-Rattray has filled many roles, and she has great insights to share with those who are starting or changing careers.
The latest edition of the ISMG Security Report describes new details emerging from the SolarWinds supply chain hack investigation. Also featured: A discussion of why security education is so crucial in 2021 and tips on how to retain security and operations center analysts.
The shortage of trained cybersecurity workers has substantially declined this year as many more individuals entered the field, says Clar Rosso, CEO of (ISC)², the U.S.-based nonprofit association that offers training to cybersecurity professionals.
Students are increasingly turning to online universities as part of their educational experience. To keep students engaged, these platforms must provide positive user experiences, be consistently available, and remain secure. Cloudflare provides a scalable, easy-to-use, unified product stack to deliver security,...
Udacity is an online education company focused on making entry-level tech jobs more accessible through "Nanodegree" educational programs. Students from hundreds of different countries have gone through Udacity's programs, and some have been hired by top tech companies including Google, Amazon, and Facebook....
From the days of Rosie the Riveter, women have been closing the ranks in the disparity in gender in the workplace. Why, then, do women in the tech sector lag woefully behind?
Ann Sung Ruckstahl, senior vice president and chief marketing officer for Unisys, recently discussed the challenges "We're still in the middle...
Security awareness training helps educate organizations and prepare its people to defend against today's most threatening cyberattacks. But, sometimes well-intentioned strategies can have unintended consequences. Leveraging a "one-size-fits-all" solution may work for maintaining compliance, but what happens when a...
Why trust a former black hat? Hector Monsegur, a former member of LulzSec, discusses why his unique perspective is so valuable.
"Cybersecurity is a young industry that's starting to spread awareness and starting to really develop organizations' security postures," he says. "It's good that we have general awareness....
Security awareness training is typically an Achilles heel for enterprises. But there are simple elements that create an effective training solution.
Download this whitepaper to learn more about:
The security training challenge;
Elements of a successful program;
Details of Security First solutions.