Picture it: the company boardroom, two weeks ago: Due to “an uncertain economic outlook,” the expanded security budget and new hires you asked for in 2023 have been denied. As the company “tightens its belt,” you may even lose existing budget and some headcount. You had plans to use those resources to help you shore…

Like a member of any profession, a chief information security officer (CISO) grows into their role. They exhibit a maturity curve that can be roughly split into five attitudes: Protection: When a CISO first steps into their role, they look to perfect the basics and build a fortress for themselves in the form of firewalls,…

Government-sponsored hackers, who carry out cyberespionage campaigns, invest more resources than ever to find new ways of attacking the cloud. One of their preferred targets is Microsoft 365, previously called Office 365, a platform used by an increasing number of organizations of all sizes. From an intelligence collector’s perspective, it makes sense to target it….

The information security industry frequently utilizes the phrase “people, processes and technology” (PPT) to describe a holistic model of securing the business. But though this phrase is repeated ad nauseum, we seem to have forgotten one of those three primary pillars: people. In an effort to secure things technically, we prioritize the protection of our…

The Risk Management Framework (RMF) was first developed by the Department of Defense (DoD) to act as criteria for strengthening and standardizing the risk management process of information security organizations. The framework later became widely adopted by the rest of the U.S. federal information systems in 2010. While originally developed by the DoD, the National…

Effective Data Security Begins With a Strong Tech Foundation

Data is the engine of the modern economy. Whether it consists of customer data, intellectual property, market insights or financial information, these types of sensitive data enable the most successful businesses to thrive. It’s no surprise, then, that securing that critical data is increasingly a strategic priority for organizations around the globe. Not all organizations,…