As a CISO in a university, you should be mindful of several specific challenges and potential pitfalls, or “gotchas.” Here are some key considerations: User Awareness and Education: One of the significant challenges in the university environment is maintaining cybersecurity awareness among students, faculty, and staff. Implement […]
Blog
The company board expects the Chief Information Security Officer (CISO) to fulfill several key responsibilities related to cybersecurity and risk management. Here are some more expectations of the CISO (also see Part 1): Security Awareness and Training: The board expects the CISO to develop and implement cybersecurity awareness programs to […]
The company board expects the Chief Information Security Officer (CISO) to fulfill several key responsibilities related to cybersecurity and risk management. Here are some common expectations of the CISO: Develop and Implement Cybersecurity Strategy: The board expects the CISO to develop a comprehensive cybersecurity strategy aligned with the organization’s goals […]
Why is Phishing such a big problem? Anti-phishing is critical to an organization’s cybersecurity posture. This is because today’s email attacks routinely bypass security controls such as secure email gateways, Microsoft 365 security, and Google Workspace security. All phishing attacks have the potential to result in financial loss, data breaches, […]
Weak or broken authentication is acknowledged by OWASP as easily exploitable by hackers, with extreme damage potential. Users need to be authenticated in a reliable, secure (and convenient) manner when they try to access an application or a service, but this is not always practiced. 81% of data […]
Businesses need to scan their externally available infrastructure and applications to protect against external threats. They also need to scan internally to protect against insider threats and compromised individuals. Pen testing should be conducted regularly, from monthly to possibly quarterly. Because of the constantly evolving threat universe, once a month […]