One of the biggest challenges that someone charged with overseeing a Continuity Program has is to prove that the program is worth its cost: “What is your program’s ROI?” I call that the “dreaded question.” I would like to propose another way to frame this question. What if continuity planners talked about value on investment […]
Business Continuity Management
Developing an impact-focused cyber breach exercise
A stark reality of today’s world is that businesses must constantly defend against relentless attempts to steal their computer data or damage their systems. Few, however, have serious plans for how they will respond to the impact of an actual breach – and even fewer stress-test those plans. Such exercises force real-time situation analysis and […]
Cybersecurity breaks into some of the top schools
A recent Accenture study found that 31 percent of companies believe a lack of training or budget is their single biggest inhibitor to combating cyber attacks. As cyber threats increase and security becomes a growing topic for businesses, cybersecurity must be tackled by more than just the IT department, but also by the executives of the company. […]
5 steps to defend against ransomware
The following is a guest post by a 2016 Secure360 Iowa platinum Sponsor LogRhythm. Over the past three years, ransomware has jumped into the spotlight of the cyberthreat landscape. Until recently, most ransomware attacks were simply opportunistic and mostly affected individual users’ or small businesses’ computers. The ransom demands have commonly been the equivalent of just […]
Most talked about security fails of all time
In honor of their 10-year anniversary, Dark Reading wrote an article discussing the biggest failed security trends, technologies and tactics from the past 10 years. Secure360 is using their post as inspiration for our own quick post on some of the most talked about security breaches and hacks from the past few years and our […]
Data breaches and compromised credentials
According to a Cloud Security Alliance (CSA) report, data breaches, account hijacking and malicious insiders all rated as top threats for IT professionals. In addition, the report found that these attacks often occur because of a lack of scalable identity access management systems, failure to use multifactor authentication, insufficient password use and a lack of ongoing […]
A look at national event security over the years
A little over 3 years ago, the Boston Marathon bombing triggered changes in the world of national event security. On April 15, 2013, two bombs went off near the finish line of the Boston Marathon, killing three spectators and wounding more than 260 other people. The bombings were followed by an intense manhunt that shut […]
Want the boss to behave? Have a plan: What the boss should really do in a crisis
Jim is one of the key speakers at the Secure360 Twin Cities Conference on Wednesday, May 18, 2016 at 4:15 p.m. One of the more powerful weaknesses in crisis response is the lack of specific roles and assignments for top management. The result of this crucial gap in crisis management planning is the mismanagement, lack […]
Could lack of security awareness cost $1 billion?
The following is a guest post by a 2016 Secure360 Twin Cities Gold Sponsor Optiv. The conventional wisdom says that the difference between robbery and fraud is this: in a robbery you know money was stolen, but you don’t know who took the money; in fraud, you know who took the money, but you don’t […]
A serious discussion about physical security
As a result of all the major security breaches recently, the security discussion has focused on risk management, cyber attacks and data security. Unfortunately, there has been another type of attack we have heard too much about in the past few years: physical attacks on buildings, often involving bombs or guns. One of the most […]
