Suzie Smibert: The CISO Needs to Be a Business Leader More Than a Technical Leader
Eventually the CISO will have to go before the board and make the case for an investment. That’s when the CISO needs to be more of a business leader than a technology leader. A financial group within the company can help show if a security expenditure is going to have...
Vicky Ames: To Quantify Risk, Assess Potential Loss Events
A risk assessment methodology that analyses loss events in terms of dollar amounts can help quantify the risks a business faces. Dollar figures provide a common point of reference for security professionals and executives when conducting risk assessments. “We security...
Nehemiah Security: 7 Experts on Justifying Security Spend
The book includes insights from the following experts: Richard Rushing, CISO, Motorola Mobility, You Must Relate Requests to Concrete Problems You Will Solve >> Genady Vishnevetsky, CISO, Stewart Title, Understanding Business Priorities...
Scott Saunders: Early Detection Is Key to Shutting Down Attacks
Early detection and monitoring are important because they help a business shut down a potential attack before it worsens. Monitoring tools that incorporate artificial intelligence features can speed up the process of identifying and flagging unusual behavior. “It’s...
Scott Harris: Better Security Through Early Detection and Response
With the rise in cloud-based applications and third-party integration, early detection and response has become more important. To achieve the greatest ROI possible from their endpoint-security investment, businesses should also prioritize staff training and culture...
Paul Heffernan: Understanding Your Company’s Endpoint Security Requirements
To determine your endpoint-security requirements, you must first understand your environment’s unique characteristics. Threat modeling, threat actor simulations, and metrics may also indicate whether there is a need for increased endpoint security. “There are...
Robert Hood: Moving Real-Time Forensics to the Endpoint
Securing endpoints involves protecting them, having analytical tools that make it easier to find legitimate endpoint incidents, and educating against social-engineering attacks. Endpoint-security solutions with back-end analytics engines generally based in the cloud...
Mike Santos: To Secure Security Funding, Get Quantitative
When making the case for security funding, it’s often effective to share quantitative information about specific risks that the business faces. Business conversations about how best to manage security risks should be ongoing, continuing after the tools have been...
Kevin Fielder: Be Aggressive in Protecting Your Endpoints
You need to have something in place that detects misbehavior as early as possible, and that can also be looking at the behavior of other systems. You can be aggressive with your endpoint response. It’s unlikely one person losing use of their machine for a short time...
Kalin Kingsland: Be Able to Utilize the Data Generated by Endpoint Security Tools
Whatever data you are capturing, it is important to have the means to process it and leverage it into meaningful risk mitigation. Striking the right balance between functionality, operational cost, and risk mitigation provides value to other parts of the business,...
