Read Narinder Purba’s article about how cyber security is becoming a key boardroom agenda item on We Live Security :
An increase in the number of cyberattacks and growing awareness of the threat has made cybersecurity a key boardroom level agenda item. This is according to a new study from Marsh, which stated that there has been a discernable increase in the understanding of cyberthreats among board members.
Read Brian A. McHenry explain what security assessment is on Information Security Buzz :
Growing up, I think every kid heard a parent or teacher or coach tell them to sit or stand up straight. At the time, it was never quite clear why good posture was so important at the dinner table, in the classroom, or on the field. However, as we grow up, the lesson is apparent: good posture helps us be more attentive, more respectful, and more able to react.
Read Stephen Nardone why says that it is necessary for companies to protect themselves with a cyber security assessment on CIO :
The ugly truth is that your organization has either been the victim of a recent cyber security breach, or it will be. Despite spending billions on cyber security—$75 billion last year, growing to $170 billion by 2020—the bad guys appear to be winning. “Breach is the new normal,” said Christina Richmond, program director for security services at IDC.
Read David Greer explain how companies can perform a risk assessment on CSO Online :
Without a complete and thorough risk assessment including all its component parts (discussed herein), you might as well open all your data assets to unbridled exfiltration via Port 80 without any security checks at all. In the end, attackers and criminal digital profiteers will get what they came for in either case.
Read why Jason Polancich says depending on cyber risk assessments is a risk on Security Week :
Just this past week, a recent study hit the news that concluded – as many studies have before it – that the Transportation Security Administration (TSA) is fundamentally not effective at making air travel more secure in a post-9/11 world. One of the major failures? Their periodic screening process.
It seems that, for a variety of reasons, their methods are not only causing the ineffectiveness, but themselves are a source of additional security risk above and beyond the threats they’re trying to stop.