Cloud computing ranks as the top risk concern for executives in risk, audit, finance and compliance, according to the latest survey by Gartner. In Gartner’s latest quarterly Emerging Risks Report, 110 senior executives in risk, audit, finance and compliance at large global organizations identified cloud computing as the top concern for the second consecutive quarter….

Business leaders are becoming increasingly conscious of the impact cybersecurity can have on business outcomes. Gartner said that security leaders should harness this increased support and take advantage of six emerging trends, to improve their organization’s resilience while elevating their own standing. Trend No. 1: Senior business executives are becoming aware that cybersecurity has a…

Insider threat is a growing area of concern and confusion among security practitioners. Typically accustomed to concentrating their resources on combating external threats, many security teams are eager yet unsure of how to combat threats that arise internally. This uncertainty, unfortunately, is often exacerbated by numerous common myths and misconceptions about insider threat, some of…

Organizations must manage known vulnerabilities in web applications. When it comes to application security, the Open Web Application Security Project (OWASP) Foundation Top 10 is the primary source to start reviewing and testing applications. The OWASP Foundation list brings some important questions to mind: Which vulnerability in the OWASP Foundation Top 10 has been the…

The overwhelming demands on security leaders today can have a paralyzing effect. Gartner analysts provided guidance to security and risk leaders and practitioners on how to be empowered to adapt their people, processes and technologies to address the old and the new; to transform their approach to risk governance to be more continuous and inclusive;…

Senator Ron Wyden (D-Ore.) on Tuesday asked the chief information officer at the U.S. Department of Defense (DoD) to take immediate action to ensure that the organization’s websites use HTTPS. The senator noted that some of the DoD’s websites, such as the ones belonging to the NSA, the Army, and the Air Force, do use…

The Target breach in 2013 may not be the biggest retail breach in history, but for many retailers, it was their watershed moment. Point-of-sale (PoS) terminals were compromised for more than two weeks. 40 million card details and 70 million records of personal information swiped—part of which was “backlist,” historical transaction information dating back to more or less a…

At first glance, it may seem strange to be asking you where you are in your GDPR journey when enforcement for the regulation begins on May 25 — which is now less than 60 days away. After all, GDPR was approved way back in April 2016, and here at IBM we’ve been talking and blogging…