We use cookies to deliver you the best experience on our website. By continuing to use our website, you consent to our cookie usage and revised Privacy Statement.

Filter By:

Type

Topic

Recent Blogs & Podcasts

Insights Portal

 



June 18, 2018 | Password Management
By James Tarala, IANS Faculty

 Best Practices in Password Protection

With the recent spate of high-profile data breaches, many organizations are re-evaluating their password protection policies. In this Ask-an-Expert live interaction, IANS Faculty James Tarala offers a simple recipe for password protection, but says forward-looking organizations should also be preparing now for an MFA future.

Read More »


June 15, 2018 | Threats & Incidents

 Targeted Attacks: 19 New Groups Discovered in 2017

Targeted attacks are defined by Symantec as the work of organized groups, not individuals. The majority of these groups are state sponsored, and their goal is usually intelligence gathering, disruption, sabotage or financial gain. In 2017, there were 140 targeted attack groups detected by Symantec, an increase of 19 from the previous year.

Read More »


June 15, 2018 | Regulations & Legislation
By Mark Clancy, IANS Faculty

 Tackling the New York State Department of Financial Services (NYDFS) Cybersecurity Requirements

While the bulk of the new NYDFS cybersecurity requirements took effect in March, rules on audit logging, application security, data retention and risk based monitoring for staff with access to nonpublic information come into effect this September. In this webinar, IANS Faculty Mark Clancy addresses some of the major pain points such as data-at-rest encryption, continuous monitoring, and notification of “events." He also details strategies for complying with the NYDFS requirements right now, in the coming months, and looking ahead to the implementation date for third parties.

Read More »


June 14, 2018 | Leadership Skills

 Overview of Number of Cybersecurity Staff per Employee

Some 75% of global organizations reported having one full-time cybersecurity employee for every 500 and 3,000 end users. The exact number depends on the type of enterprise, their data data dependency, internet exposure and risk appetite.

Read More »


June 13, 2018 | Risk Management

 Risk Acceptance Template

This template for a risk acceptance memo is designed both to drive discussion, and provide an opportunity for business stakeholders (e.g., the system owner, business owner, etc.) to understand and perhaps even challenge the associated risk assumptions, constraints and calculations.

Read More »