Tag: #cybersecurity

Imbalance between proactive and reactive cybersecurity

The NIST Cybersecurity Framework (aka Framework for Improving Critical Infrastructure Cybersecurity) is an excellent resource for all organizations. There are 3 components to the framework, as below: Core – Provides a set of desired cybersecurity activities and outcomes using common language that is easy to understand. Tiers – These implementation Tiers assist organizations by providing […]

Third Party Cyber Risk Management

Overview: In this blog article, let us take a look at the current approach to Third Party Cyber Risk Management (TPCRM), what it leaves on the table and what is really desirable. Most organizations today work closely with their business ecosystem which is key for business continuity. This business ecosystem includes but is not limited […]

AWS Cloud Security Vulnerability CSPM

Cloud adoption has increased exponentially over the years. 94% of enterprises use the cloud already. There used to be two main camps of cloud users as below: Cloud users who were skeptical of security of public cloud in the first place. Cloud users who believe that public cloud takes care of all security aspects automatically […]

cyber security

Security and risk folks are constantly trying to improve security without impacting business productivity. It is key to determine which projects will drive most business value while reducing risk. In September 2020, Gartner published their recommendations for Top 10 Security Projects for 2020-21 that security and risk management leaders should focus on. Here is a […]

frictionless vulnerability management

Vulnerability assessment and management is a critical piece in the cybersecurity program for any organization. Most organizations perform periodic vulnerability scans. However, traditional vulnerability scanning tools have largely resulted in a painful experience for customers. This is due to multiple reasons as below: Need to install agents or scanner appliances across the fleet These agents […]

Cloud Security Posture Management CSPM

Organizations have increased public cloud usage, as there are obvious benefits (elasticity, pay-as-you-go subscription model, etc.). While adoption across cloud layers (IaaS, PaaS, SaaS) varies across organizations, one thing for sure is that IaaS usage is most prevalent. Organizations end up shifting to the cloud in a hurry and likely with a “lift and shift” […]

remote workforce vulnerability management

In an earlier blog article, we had a look at the challenges that organizations are facing with vulnerability management (VM) for their remote workforce. We briefly described what a Next Generation Vulnerability Management solution should look like for these scenarios. To summarize, a Next Generation VM needs to be a cloud-based service which can provide […]

Remote workforce vulnerability management

Businesses have always had some remote workforce, but the current pandemic has resulted in an increased remote workforce. For most organizations, nearly 90-100% of the workforce is now operating remotely (mostly work from home [WFH] cases). Functioning of this remote workforce is critical for business continuity. This has resulted in many sudden adjustments for IT and Security […]

Cyber Security

In InfoSec, stress is a given, especially given that the InfoSec team needs to be right every time while bad actors need to be right only once. Vulnerability scanners overwhelm InfoSec teams, since these tools spew out a torrent of vulnerabilities. The whole scanning paradigm has outlived its value, but more about that in a separate […]

It is my pleasure to share this blog article authored by Rohit Ghai, who we are fortunate to have as our advisor. Rohit is renowned in the industry and he currently serves as President, RSA Security. Recruiting machines to fight the vulnerability crisis A central pillar in any cyber resilience strategy is the idea of […]