Today’s pace of business is many times that of business two decades ago. Yet most organizations do not update their corporate security risk picture with any greater frequency than they did back then.

Corporations today face increased levels of risk from software vulnerabilities hidden in their business-technology systems and from hackers and cyber crooks who try to steal proprietary corporate ...

In 2017, the Security Leadership Research Institute (the Security Executive Council’s research arm) asked security practitioners to choose from a list of which risk-related activities their security ...

ITRA covers Sections 2 and 5 of the Security Standard for the Solutions Life Cycle Management (SLCM) process. You can find a link to the Security Standard: Solutions Life Cycle Management process in ...

Risk assessment is a systematic method of analyzing risk. It started in the nuclear and aeronautical industries, and has now spread to many other industries including the finance, transportation, ...

As GenAI tools and Software-as-a-Service (SaaS) platforms become integral components in the modern employee toolkit, concerns regarding data exposure, identity vulnerabilities, and unmonitored ...

Businesses must convince customers their personal data is safe. Run a cybersecurity risk assessment to protect company and customer data.

Regardless of their political beliefs, Americans want to prevent another terrorist attack from occur­ring in the United States. In the face of increasingly diffuse threats and adversaries ...

I’m forever reinventing the wheel, and this time around, I’m focusing my efforts on the oh so exciting field of risk assessment. In the process, I try to put aside conventional wisdom and cultivate ...

Even pro computer security defenders have trouble separating real threats from unlikely ones. Here are three crucial -- and common -- mistakes to avoid Computer security defenders are notoriously ...

Health care providers and others who must comply with the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) have specific requirements under the Security Rule to HIPAA when it ...