security & risk

Better Late Than Never: There’s Still Time To Improve Your Pandemic Plans Companies are showing renewed interest in business continuity and revising their pandemic plans in response to the coronavirus outbreak. Last week, federal banking regulators issued additional guidance to help banks and their customers cope with the financial fallout of the outbreak. And a review of the risk sections of the annual reports for the Fortune 50 showed that about half […]

At present, it is difficult to remember life before the COVID-19 pandemic, but a key switch that has happened is the large-scale shifting of the population to work at home, as widely documented. Some mobile operators in the UK recently have had a bit of a bumpy ride, with spotty coverage and outages experienced as […]

Today we published “The Forrester Wave™: Enterprise Detection And Response, Q1 2020” report to help you understand how the 12 most relevant vendors in the space are squaring off against each other, with a focus on product functionality, vendor strategy, and client experiences. I’m honestly quite excited about this evaluation and have taken the concept […]

Security awareness testing for employees should be realistic. Yet those overseeing phishing drills should be careful when using coronavirus-related messaging.

Building a parallel VPN entry point or swapping MFA vendors is costly. Plus, there is the increased risk of expired tokens, user confusion, and system upkeep. In short, these challenges are daunting to implement and introduce new challenges. Take these four steps to develop an MFA resilience plan.

Pandemic Forces Agencies To Rethink Employee Experience A slew of industry event cancellations and delays — such as the live network upfronts, Advertising Week Europe, or the Cannes Lions International Festival of Creativity — is forcing marketers and their agencies to rethink how to best work during a pandemic. With most agency holding companies deferring travel and […]

In light of the COVID-19 pandemic, Vice President Stephanie Balaouras provides guidance for organizations evaluating GRC platforms.

Last October, Microsoft won the $10 billion U.S. Department of Defense (DoD) Joint Enterprise Defense Infrastructure (JEDI) contract. The 10-year agreement is part of a larger Pentagon initiative to modernize and unify its IT infrastructure, most of which still exists on technology from the 1980s and 1990s. The Microsoft decision came as a massive shock […]

Climate change will create endless obstacles for companies to navigate, yet firms continue to claim that there is no way to mitigate the risk. Currently, we are witnessing the damage created by not accounting for your third-party risks. We knew a new pandemic would come, and much like pandemics, climate change is inevitable.

Our #pandemicEX research project aimed to understand how employees are experiencing the spread of COVID-19. Read results here.

In prior years, the RSA Conference focused on themes such as Zero Trust, geopolitical risk, and automation. While those themes were still present at this year’s conference, it was harder to discern one dominant central theme for the conference. I inferred that “no new buzzwords” exemplifies the theme. This year’s RSA Conference suggested that the […]

PandemicEX: The Employee Experience Of A Pandemic The health and economic impacts of the novel coronavirus and the disease it causes, COVID-19, are important to track. But what about the effect on your employees? As our security and risk team wrote early on in this epidemic, not only do companies need a business continuity plan, but […]

While firms spend millions of dollars conducting and auditing compliance-driven activities, several of the steepest losses in valuation and market share were precipitated by strategic decisions which all but ignored the risks to the customer experience and the financial implications of a tarnished corporate brand. In the age of the customer, unless a technology continues […]

Just over two weeks ago, Susan Fowler’s book, Whistleblower: My Journey to Silicon Valley and Fight for Justice at Uber, published. She tells a story of a broken corporate culture where she experienced and witnessed sexism, harassment, and abuse during her time working for Uber. She confronted her HR department, where she was met with […]

Threats from ever savvier cybercriminals demand better, more comprehensive responses.

Johnson & Johnson And Apple Team Up To Save Lives And Create New Business Value Janssen Pharmaceutica, a Johnson & Johnson subsidiary, is partnering with Apple and Evidation Health to study how the Apple Watch can help identify atrial fibrillation (AFib) to reduce heart health losses. AFib, affecting nearly 6 million Americans, is the most common type of irregular heartbeat […]

Let’s face it: Web application firewalls (WAFs) rarely excite the security imagination. WAFs have been ubiquitous for at least 15 years and play an important role in detecting and blocking OWASP Top 10 application level attacks like SQL injection and cross-site scripting. WAFs are table stakes in any environment, but they suffer from the perception […]

In 2017, the US, famously and controversially, made the decision to withdraw from the Paris climate change agreement. And some of the 187 countries that remain in the agreement are struggling to meet their commitments. Recently, Australia came under international criticism for proposing to use a dubious accounting method to meet its 2030 carbon reduction […]