6 Reasons Why Buying SaaS GRC Software Is a Safe Decision

Written by - July 27, 2017
SaaS GRC Software is a Safe Decision

Cloud vs. on premise GRC software: a CIO’s dilemma? Well, maybe, and maybe not. Cloud based software solutions or cloud based computing is the new kid on the block. IDG in its 2014 study shows that 69% of enterprises had applications and infrastructure running in the cloud. Looking at such statistics, you are forgiven for thinking that everyone is moving to the cloud: after all, if something is in the cloud it is better, right? The truth is there are those who are sticking to on premise software. In as much as this on premise vs. cloud debate is raging, I would like to be the moderator and say the cloud is winning. Here are six reasons why buying SaaS…

Tags: ,
Categorized in:

Cybersecurity Management and GRC Automation

Written by - July 18, 2017
infosec compliance awareness

As wave after wave of cyberattacks threatens international security, cybersecurity management becomes more pressing. Although it has always been on business’s radar, the recent barrage brings the impact of cyberattacks to the forefront. With this in mind, a recent study from Crowd Research Partners found that 54% of cybersecurity professionals anticipate successful attacks within the next twelve months. Moreover, the research found that 62% believed threat detection needed to be improved. Meanwhile, 43% wanted better analytical capabilities, and 39% wanted to focus on threat blocking.   How to Use GRC Automation for Cybersecurity Management and Threat Detection  Cybersecurity management focuses on knowing your threats and understanding your risk profile. Security Magazine noted that there were seven steps to automating cyber threat…

Wednesday’s Women in Infosec: Kristina Birk

Written by - July 12, 2017
Kristina Birk

This month’s profiled woman in information security is Kristina Birk. Ms. Birk has been working with technology since 19*cough-cough*, spending the bulk of her career in IT operations and architecture. After stints at General Dynamics and CSC, Ms. Birk joined Duo Security in 2013 as the first (but no longer only!) woman in the Engineering group. Reciprocity: If you had to choose one event that led you to work in information security, what would it be and why? Kristina Birk: Luck and circumstance – really. I was relocating from California to Michigan and had a few job offers from companies in very different verticals. I wound up choosing the government contractor because it sounded interesting. I was coming from an aerospace company…

Protecting Your Data From Ransomware

Written by - July 6, 2017
Protecting Your Data From Ransomware

On a certain aesthetic level, you have to admire ransomware attacks. At first glance they seem like just another headache under the broad category of “cybersecurity risk”—but nothing could be further from the truth. Ransomware is fundamentally different from run-of-the-mill threats like network penetration attacks or phishing scams to get the CEO to email employees’ personal data. Foremost, nothing gets “stolen” in the traditional sense of the word—which can mean, under a strict reading of the law, that ransomware attacks don’t need to be disclosed. That crucial distinction has big implications for your internal controls and third-party oversight so that your firm doesn’t fall into ransomware’s trap. Let’s take a look. First, ransomware doesn’t necessarily trigger a duty to disclose,…

Tags: , , ,
Categorized in: