Information Security Blog
How a vCISO Strategy Can Save You Money—Because Nature Abhors a Vacuum
Aristotle once postulated “horror vacui” (nature abhors a vacuum). His idea was that empty or unfilled spaces are unnatural as they go against the laws of nature and physics. Interestingly, this applies to information security strategy as well. The Role of a Chief...
read moreRecovery Time Objectives (RTOs) & Your Disaster Recovery Plan
Recovery Time Objectives (RTOs) are the essential starting point for determining your disaster recovery strategy. Why? Because you need to know which functions are most critical and how long others can be deferred, so you can make the most time- and cost-effective...
read moreHow Long Does It Take You to Patch a Critical Vulnerability?
A recent report from tCell that analyzed more than 316 million security incidents shares key data on the most common real-world attacks targeting in-production web applications. One statistic that caught my eye is that it took an average of 38 days for businesses to...
read moreISO 27017 vs. CSA STAR – The Two Leading Cloud Security Standards Compared
With the exponential growth of cloud computing, organizations of all sizes need to understand their risks around storing sensitive data in the cloud, as well as investigate and implement cloud security options. To support this...
read more3 Reasons Why “Project Verify” Scares Me
A media buzz is building around an initiative by the “big 4” US mobile phone carriers (AT&T, Verizon, Sprint, T-Mobile) to replace mobile app passwords with a universal authentication service that leverages mobile phone data. Dubbed “Project Verify,”...
read more
