By Kelly White, Founder, RiskRecon, a Mastercard Company
The impact of a destructive ransomware attack extends far beyond the organization whose systems are encrypted. It harms all those who depend on the goods and services of the organization that criminals have taken offline.
“Process and People first, THEN Technology” will always be at the heart of the winning formula here
On January 4, 2022, the Federal Trade Commission (FTC) warned that "It is critical that companies and their vendors relying on Log4j act now, in order to reduce the likelihood of harm to consumers, and to avoid FTC legal action." Additionally, the FTC has expressed a desire to further evaluate the dependency on open-source services and the potential impact on customers.
It is still amazing to see the amount of content online dedicated to justifying cyber security investments or convincing the Board…
CISOs being asked those questions should look beyond the topic itself and face the underlying issues it might be hiding.
If the reporting line of the CISO is the oldest ongoing topic of discussion amongst cyber security communities, security ROI is probably the second oldest…
In reality, it hides several endemic problems which have been plaguing the security industry for the last two decades.
A few big hacks in the US and everybody is talking about ransomware again… Time for a few hard truths