Each year, Verizon researchers release the annual Data Breach Investigations Report (DBIR). Verizon began releasing the report in 2008, and for the past 15 years, the DBIR has been one…
Read More
By: Brett Davis, senior CISO consultant An information security management system (ISMS) is a critical component of every organization. An ISMS consists of the documented set of security controls in…
By: Jeff Hoskins, senior consultant, CISO Advisory According to the 2022 Verizon Data Breach Investigations Report, 82 percent of data breaches had some human element, such as phishing, misused credentials,…
By: Larry Kinkaid, senior consultant, CISO Advisory At every organization, different employees have different responsibilities. In order to be successful and do their job correctly, each employee needs to know…
By: Angela Redmond and Hannah Kenney How can you tell if your cybersecurity program is effective? While audits give you a deep dive over your program at a point in…
“Don’t worry about the documentation for now.” “We only have one person that knows how to fix this code.” “We don’t have time to finish testing until after release, so…
Data breaches can have disastrous consequences, particularly for startups or small to medium-sized businesses. According to Cybercrime Magazine, 60 percent of small companies go out of business within six months…
Vulnerability scans and penetration tests—they sound similar, right? Some use them interchangeably, but the truth is these terms are quite different when it comes to how they are carried out,…
Strong policies and procedures are the benchmark of any organization’s information security program. An information security policy defines the organization’s security standards and provides practical guidance to the company’s employees…
In a recent survey by Cisco, 84% of respondents indicated they care about data privacy—their own data, the data of others, and the desire for more control over how that…
