Guide
15 Myths and Risk Factors in Vulnerability Management
Mon, 08/15/2022
Vulnerability management (VM) is a much talked about practice in the IT security industry. Whether it’s the debate on vulnerability scoring, how to implement a suitable VM program based on your own resources, or even trying to convince leadership a VM solution alone won’t solve all your cybersecurity issues, the debate is still strong. As one of the top three CIS Controls, VM is one of the first...
Guide
Understanding Your Attack Surface: The First Step in Risk-based Security Intelligence
Mon, 08/15/2022
As chief information security officer (CISO), it’s now a job requirement to effectively communicate with your non-technical C-suite and board of directors—preferably not just after there’s been a breach. This is the first in a series of executive white papers designed to share strategies for reducing your attack surface risk as well as how to clearly and objectively communicate your overall security posture to non-technical executives. Download this white paper and learn about: The definition of “attack surface” — and risks associated Design goals of attack surface analytics What non-technical C-suite executives and board members want
Guide
Multi-Cloud Security Best Practice Guide
Mon, 08/15/2022
When you opt to use multiple cloud providers, you’re implementing a multi-cloud strategy. This practice is increasingly common, and can refer to mixing SaaS (software as a service) and PaaS (platform as a service) offerings as well as public cloud environments that fall under the IaaS (infrastructure as a service) category. The most common public cloud environments today are Amazon Web Services...
Guide
Adjusting to the Reality of Risk Management Framework
Mon, 08/15/2022
The Risk Management Framework (RMF) is an approach to systems security management that adjusts security controls based on risk factors. The practice involves a continuous cycle of identifying new threats, choosing effective controls, measuring their effectiveness and improving system security. Federal entities need to understand and utilize RMF as a core part of their FISMA compliance activities...