Page 2 - White Papers in Governance & Risk Management

How Lucrative Are Vulnerabilities? A Closer Look At The Economics of The Exploit Supply Chain

How much do you know about the supply chain that takes a vulnerability and turns it into an exploit? In this new report, Tenable Research explores the lifecycle of exploits - from discovery to utilization in a breach. Their analysis of cybercrime economics will help you better protect your organization. Read the...

Practical Industrial Control System (ICS) Cybersecurity: IT and OT Have Converged - Discover and Defend Your Assets

Written by SANS experts, Practical Industrial Control System Cybersecurity: IT and OT Have Converged explores key issues arising when IT and OT are combined into cyber-physical systems, where risks must be continually identified and managed. Download the whitepaper to learn how to answer these key questions: Why...

Closing the Cybersecurity Skills Gap: How to Address Skills and Capacity

Organizations across all sectors are experiencing the cybersecurity skills gap however, it's not just a skill deficit - it's a capacity gap that is widening, driven mainly by the fact that our networks are becoming more complex.They're more distributed, mobile- and cloud-enabled; therefore, it's becoming more of a...

A Common Sense Approach for Assessing Third-Party Risk

"How secure is your supply chain?" It's a question that can strike terror into the heart of a CISO - even one who's in charge of a mature security organization.

Gartner: Seven Imperatives to Adopt a CARTA Strategic Approach

This Gartner report charts your course to the future of information security with Gartner's "continuous adaptive risk and trust assessment" (CARTA) as your guide. This reports highlights a need for security and risk management leaders to embrace a strategic approach where security is adaptive, everywhere, all the...

Automatic Protection Against Advanced Threats

As damaging breaches continue to occur, more organizations are considering endpoint detection and response (EDR) solutions to address the incidents that aren't being handled adequately by their existing defenses. However, EDR solutions come in a wide variety of implementations and can vary significantly in scope and...

Key Approaches for Securing Business Operations

The role of the CISO is growing in importance, as is the need to have an enterprise-wide IT security strategy that supports the company's mission and goals. Download this research report and learn why: The CISO role is becoming more critical in managing enterprise risk; CISOs must articulate IT security...

How the Financial Services Industry is Staying a Step Ahead of Cyberattacks in 2018

Bug bounties are fundamentally changing the way financial service organizations approach the security of the Internet, moving from the realm of novelty towards becoming best practice. This report presents how the financial services industry is actively looking to bug bounty programs to augment their existing...

Overcoming the Unique Challenges Security Vendors Face in 2018

Security vendor products are held to a higher standard of security. They must help their customers solve complex security problems, as well as have the most stringent security measures in place throughout the software development lifecycle. To meet those standards, many security vendors are turning to more innovative...

Federal Agencies Tech Brief: Security Investigation, Detection and Rapid Response

The fact that Federal agencies are prime targets for the most sophisticated cyber threats is undeniable. If cyberattacks are inevitable, then robust capabilities for security investigation, threat hunting, and rapid response are essential. Government cybersecurity professionals require visibility across their silos of...

SSH Study: U.S., U.K. and Germany Executive Summary

A recently published 2017 survey of over 400 security professionals in the U.S., U.K. and Germany measured how well their organizations implemented security controls for SSH keys. The results show that most organizations are underprepared to protect against SSH-based attacks, with fewer than half following industry...

Making Risk Management More Effective with Security Ratings

Although cyber security risk is now top of mind among executives and regulators, measuring and managing security risk levels has been a difficult task. Current risk management tools offer limited visibility and leave organizations vulnerable to emerging threats internally and within the networks of business partners...

Cybersecurity Benchmarking: A CIO's guide for Reducing Security Anxiety

Do your competitors and peers have a better cybersecurity game plan than you? If simply answering that question seems exhausting, this eBook is here to help. Today's chief information officer knows they can't outsource risk. Yet every year, cyber risk demands more and more time from the already-busy CIO. This...

How Employee Actions Lead to Cybersecurity Incidents

A recent global survey found that 52% of businesses admit that employees are their biggest weakness in IT security, with their careless actions putting business IT security strategy at risk. Download this whitepaper and learn: Common security mistakes employees make; How BYOD is making security more...

Buyer's Guide for Certificate Management

As certificate counts within the average organization rise to tens of thousands, it has become exponentially harder to manage them effectively. Many organizations turn to their certificate authorities (CAs) to protect the keys and certificates that each CA issues. The basic tools CAs provide are certainly a step up...