The CISO’s toolkit must include political capital within the C-suite
Effective CISOs need to clearly articulate risk and mitigation strategies in business. They must be clear, precise, and, above all, speak truth to power.
Stories by Christopher Burgess
Finding the nirvana of information access control or something like it
Security teams must embrace the principle of least-privilege access to build an effective data control model based on an individual’s role, appropriate policies, and need to know.
Small- and medium-sized businesses: don’t give up on cyber security
When the focus is often on the big hacking and ransomware cases involving multinational companies and governments, small- and medium-sized businesses can often feel left behind and powerless. But help is out there.
Insider risk management: Where your program resides shapes its focus
Choosing which department should be responsible for protecting an organisation from threats from within isn’t always straightforward.
The Merck appeal: cyber insurance and the definition of war
Pharmaceutical giant Merck’s won an appeal that might see it claim $1.4 billion from insurers due to the NotPetya ransomware attack. The decision hinged on the definition of war and it could also affect how insurance terms are defined in the future.
Views of a hot cyberwar — the Ukrainian perspective on Russia’s online assault
A report from Ukraine’s cybersecurity service reveals insight into what the country has been facing from belligerent attackers and holds a lesson for CISOs.
Yes, CISOs should be concerned about the types of data spy balloons can intercept
The Chinese airship that floated over the US and Canada was likely a multipurpose intelligence platform, gathering a variety of information types.
Mondelez and Zurich’s NotPetya cyber attack insurance settlement leaves behind no legal precedent
Mondelez and Zurich Insurance settled a keenly watched lawsuit over how cyber attack insurance applies to intrusions from nation states during wartime.
Data capture by border agencies can and will happen – are on-the-road employees prepared?
Many countries routinely download device content from travelers at the border. Getting ahead of this eventuality can help protect sensitive data and maintain privacy for employees and their company.
Guilty verdict in the Uber breach case makes personal liability real for CISOs
The conviction of Uber's former CSO could change the roles of top security leaders and raises the level of personal risk in the wake of a breach.
The astronomical costs of an asset disposal program gone wrong
An information technology asset disposal program can protect a company against the potential catastrophe of data leaks from gear you’re getting rid of.
Russia’s cyber future connected at the waist to Soviet military industrial complex
New research raises questions about whether Russia's cyber warefare operations are up to modern day challenges.
Transparency and policy shapes Cloudflare’s Kiwi Farms decisions
Cloudflare's blocking of hate-based forum Kiwi Farms is the latest in a string of controversial actions and inactions around bad behaving customers.
China, Huawei, and the eavesdropping threat
In the world of intelligence, Huawei is an espionage threat not because of what it has done but because of what it can do.
Governments and businesses warned over China's influence
China uses personal, business and political relationships to gather information and influence actions. U.S. and UK government agencies urge caution.
Brand Post
Scale AI while avoiding costly IT and Infrastructure investments with IBM embeddable AI
By Kalyan Madala, CTO, IBM ASEANZK
Sponsored By
