ransomware attacks, endpoint security
NIST Cybersecurity Framework: First, See Everything
Josh Mayfield
NIST Cybersecurity Framework: First, See Everything

A long time ago in an organization far, far away… we had straightforward cybersecurity. There were relatively few assets, they were static and they accessed data through firewalls to prevent unauthorized access to a consolidated, authoritative data source: the network. Oh, and ‘apps’ weren’t a thing yet. We called them ‘programs’ or ‘applications’ and they were large, on-premises, and relatively homogenous. After all, if each business unit had their...

READ MORE
Security for Your Security
Oliver deGeest
Security for Your Security

Consensus, or at least the mutual acceptance of certain fundamental principles is rare across academia; rather, through dialogue and debate, individual viewpoints are challenged and progress occurs. The one exception, however, is the common pursuit to better predict and understand the future by first examining the past. With the benefit of hindsight, it is argued, individuals can spot trends to avoid pitfalls and better inform their decision making.  In...

READ MORE
The Complexity Gap
Josh Mayfield
The Complexity Gap

Enterprise Strategy Group (ESG) has been one of several organizations tracking the cybersecurity skills shortage and they have been sounding an alarm for many years. While a few tactical programs have attempted to address this shortfall, ESG views them more as lip service rather than a real solution. Alarmingly, the situation appears to be getting much worse—so much so that ESG and others now believe that the growing cybersecurity...

READ MORE