Management News, Articles and Updates

The cloud is a strategic priority requiring skills that few providers possess

Starting a cloud strategy? Ask, fundamentally, how can the cloud and its capabilities be aligned to the requirements of the business over the next five or more years?

Sensitive medical records on AWS bucket found to be publicly accessible

A large cache of sensitive medical records handled by a US-based digital records management company was found stored in an Amazon S3 storage bucket without adequate protection.

Post-it with password spotted in online photo of Hawaii Agency HQ

The Hawaii Emergency Management Agency has had a lot of explaining to do after an employee pushed the wrong button during a test and pushed out an alert warning residents that a ballistic missile was headed their way.

Why 2018 could be the year cyber-security finally comes of age

Change is afoot in the cyber-security industry - from the shift in reporting styles and measures of success, to the evolving role and responsibilities of the CISO. Here's how this development could transpire in the year ahead.

Closing the skills gap: making the most of hybrid IT

To realise the full benefits of a hybrid IT, organisations need comprehensive monitoring solution & foundational skills like DART (discover, alert, remediate, and troubleshoot) & SOAR (secure, optimise, alert, and report) frameworks.

Building management systems still ripe for hacking

The security of building management systems has improved over the last few years but many of them aren't set up properly to avoid being hacked, according to security researchers.

To wipe out ransomware we first need to mature as an industry

To speak meaningfully and to be taken seriously by policy makers about issues like ransomware will require us not just to learn the language of the boardroom but the language of society at large, and of government.

News feature: Simulated attack, lessons learned on all sides

Learning by doing. If you don't have - and practice - a breach recovery plan, then a simulation exercise can demonstrate why you should have one, identify your weak spots, and encourage you to take action to plug the holes.

Former Yahoo chief executive Mayer testified before Congress, blamed Russia

Former Yahoo chief executive Marissa Mayer apologises for the two massive data breaches at Yahoo that occurred during her tenure and resulted in 3 billion credentials being stolen, blaming Russian agents for at least one of them.

Strong tech governance in the boardroom is a must

Senior leadership should pursue stronger business outcomes. Theresa Grafenstine says that becomes a much smoother proposition when at least one board member - ideally several - have expertise in governance of technology.

SSH privileged access has minimal control at most organisations

Although Secure Shell (SSH) keys provide the highest levels of administrative access they are routinely untracked, unmanaged and poorly secured according to a recent report by Venafi.

InfoSec problems? Listen to your CISO, put more emphasis on recovery

For those businesses that want to reduce the brand risk of cyber-attack, Marc Lueck says more emphasis on recovery is the easiest place to start. It will also go a long way to future proofing organisations against upcoming threats.

Organisations must wake up and ensure they actively manage cyber-security

Recent cyber-attacks reveal how vulnerable organisations are and that those who actively manage security have limited damage and recovered fastest says Matthias Maier

Company boards and management becoming more engaged with cyber-risks

Survey from consulting firm shows there is still much work to do to identify and protect the 'crown jewels' of mission critical data.

Cyber-security: tense topic for IT pros to discuss with their bosses

More than half of cyber-security professionals find it difficult to highlight possible security system weaknesses for senior management, while the rest find it more difficult to admit something has gone wrong.

Video: Building blocks of IT security 4 - Through-Life Operation

Building blocks of IT security 4: Through Life Operation can be unglamorous and unpopular because it can be where the realities of earlier expedience-driven omissions, reductions in capacity and capability come home to roost, says Tony Collings.

JD Wetherspoon breach: three data management mistakes that could have been avoided

Following the JD Wetherspoon data breach, there are many questions about the cause and the mistakes that led to it. But the company's mistakes offer valuable lessons for other businesses as Pat Clawson explains.

Why IT service management teams must play a key role in cyber resilience

When it comes to information security it's been well documented that everybody has a key role to play in protecting sensitive and valuable information, says Nick Wilding.

Faster security understanding with visualisation

Passive inspection is too slow in today's interconnected, data-rich IT environments, says Thibault Reuille.

How BYOD and collaboration trends solve corporate incident management

Workforce collaboration via mobile devices and apps is a positive thing, so long as business options are used says Joseph Do.

Supplier risk: The tip of the iceberg

You need to delve deeper into the risks in your supply chain to really know what your exposure is says Nick Ford.

Establishing habits of a highly effective security professional

Preparation and organisation can enable effective security for one man SOCs or small teams explains Joe Schreiber.

Why multi-factor authentication is a security best practice

Torben Andersen describes the top eight reasons why multi-factor authentication is a security best practice that CEOs need to ensure is implemented.

Security Partnerships: Engaging at the right level

A holistic approach to security management is needed to bridge the gap between stategy and technology says Chris Yule.

The challenge for cybersecurity is to find leadership

The way to avoid management by crisis is by having a strategy, goals, and plans to achieve them says Jarno Limnéll & Lior Tabansky.

FireEye add former Symantec CEO to board of directors

FireEye have announced that former Symantec CEO Enrique Salem has joined its board of directors.

Mitigating data compromise at the server level

Until fairly recently, headlines regarding data loss more often than not concerned lost laptops, USB drives and even CD-Roms.