security
Security Research Center
A holistic approach to building an agile, robust security program.
Explore the Security Research CenterBuild an Information Security Strategy for Small Enterprises
Blueprint: Small Enterprise Resources
Build a business-aligned, risk-aware, holistic security strategy that is suited for your small enterprise: gather business requirements to prioritize improvements; assess risks, stakeholder expectations, and risk appetite to set meaningful targets; conduct a comprehensive gap analysis to...
Small enterprises need a security strategy just like any other sized enterprise.
Build a business-aligned, risk-aware, holistic security strategy that is suited for your small enterprise: gather business requirements to prioritize improvements; assess risks, stakeholder expectations, and risk appetite to set meaningful targets; conduct a comprehensive gap analysis to identify improvements; and build a flexible roadmap to set the program on the right footing.
Integrate Physical Security and Information Security
Blueprint: Security
Facing ever-increasing security threats, many organizations are unifying physical, cyber, and information security systems to gain the long-term overall benefits a consolidated security strategy provides.
Securing information security, physical security, or personnel security in silos may secure nothing.
Integrate Physical Security and Information Security. Solution Set. blueprint. Security. physical security personnel security information security security integration integration of physical security and information security operational technology security governance awareness and cross-training security processes security risks security policies and procedures incident response disaster recovery business continuity plan security incident response team LFBP. Facing ever-increasing security threats, many organizations are unifying physical, cyber, and information security systems to gain the long-term overall benefits a consolidated security strategy provides.. Securing information security, physical security, or personnel security in silos may secure nothing..
Design and Implement a Business-Aligned Security Program
Blueprint: Security
Laying the right foundations for your security program will inform future security governance, strategy, and architecture decisions you need to make and give your leadership team the information they need to support your success.
Focus first on business value.
This Excel tool will help you evaluate your security program against ten key design factors. It will produce a goals cascade that shows the relationship between business and security goals, a prioritized list of security capabilities that align to business requirements, and a list of program accountabilities.
Security Program Design Tool
Tool: Security
The Security Program Design Tool will help you tailor the security program to what makes your organization unique to ensure business-alignment.
Enable Your COVID-19 Security Response
Note: CIO
This guidance serves as a quick checklist of considerations to enable your security responsiveness in an altered work environment.
Enable Your Security Agenda Ensure that the highest priorities are being focused on and free up much needed technical and security expertise to focus on setting up, securing, remediating, and monitoring the new extended work environment. During this transition, security response is more important than ever.
Future-Proof Your Security Program: 2025 Security Trends
Live Webinar:
Responding to these threats will require new security skills.
Government: Considerations for a Security Strategy
Note: Industry Coverage
Governments are focused on improving areas of security across people, process, and technology. Here is what we’ve learned across 15 security governance workshops with government agencies.
HR Security: Governments tend to be proficient at screening new employees and properly terminating or modifying employee access during a termination/change in employment. Physical Security: Governments tend to be proficient at controlling visitor/guest access and physically securing ingress and egress points.
Secure Your High-Risk Data
Live Webinar:
A multi-layered approach that covers all the bases and data sources and comprehensive security that’s as fluid as the data it protects. In today’s complex and dynamic tech landscape, securing data is no longer as simple as implementing a set of controls around a specific application and database.
Integrate Threat Intelligence Into Your Security Operations
Blueprint: Security
Organizations are struggling to get ahead of threats as they continue to respond reactively rather than proactively. Don’t be left behind. Develop a manageable and streamlined threat intelligence program to bolster situational awareness and proactively defend against impending attacks.
Action beats reaction.
Security pressure posture analysis helps your organization assess your real security context and enables your organization to invest in the right security functions while balancing the cost and value in alignment with business strategies.
Security Pressure Posture Analysis Tool
Tool: Security
Security pressure posture analysis helps your organization assess your real security context and enables your organization to invest in the right security functions while balancing the cost and value in alignment with business strategies.
Implement Hardware Asset Management
Blueprint: Infrastructure & Operations
Use this blueprint to implement or improve your hardware asset management practices, one step at a time.
Build a process to track assets across their entire lifecycle.
IT asset security policy entire life cycle digital security IT assets organization approach physical. This template will assist your organization in developing an IT asset security policy..
Asset Security Policy
Templates And Policies: Infrastructure & Operations
This template will assist your organization in developing an IT asset security policy.
Improve Your Cybersecurity Posture Through Effective Policy
Live Webinar:
Develop and Deploy Security Policies Enhance your overall security posture with a defensible and prescriptive policy suite.
Develop and Deploy Security Policies Enhance your overall security posture with a defensible and prescriptive policy suite.
Special Letter: Innovations in Cyber Security – An Emerging New Paradigm
Note: Trends and Predictions
In this Special Letter, you will see the idea of Internet security applied to cloud security and data protection. To my mind, getting this project done is of the same priority as replacing firewalls and virus lists with heuristic tools for monitoring network penetrations, and convincing CEOs to...
Published: August 4, 2014 Publisher's Note: There are two chilling trends in Internet security that were underlined this week with the announcement by Hold Security of a Russian crime ring taking around 1.2 billion user names and password combinations from perhaps 420,000 different hacked websites.
Secure Software Development in Government
Note: Industry Coverage
In today’s world, where information is power, where technology is permeating every corner of our lives, new security and safety concerns of the people must be at the forefront of all government actions.
In today’s world, where information is power, where technology is permeating every corner of our lives, new security and safety concerns of the people must be at the forefront of all government actions.
Build an Information Security Strategy
Blueprint: Security
Build a business-aligned, risk-aware, holistic security strategy: gather business requirements to prioritize improvements; assess risks, stakeholder expectations, and risk appetite to set meaningful targets; conduct a comprehensive gap analysis to identify improvements; and build a flexible...
Align the information security strategy to organizational goals and risks to create value.
Build a business-aligned, risk-aware, holistic security strategy: gather business requirements to prioritize improvements; assess risks, stakeholder expectations, and risk appetite to set meaningful targets; conduct a comprehensive gap analysis to identify improvements; and build a flexible roadmap to set the program on the right footing..
Security Strategy
Academy Course: Security
Tailor best practices to effectively manage information security. This course makes up part of the Security & Risk Certificate.
Build a Cost-Effective Security Compliance Program
Live Webinar:
Most organizations are now spending 25 to 40% of their security budget on compliance activities, but only about a quarter of businesses believe that government-mandated regulations actually help improve their cybersecurity practices.
Telecommunications Security Solutions Report
Industry: Industry Coverage
Telecommunications Security Solutions Report
The extensive number of improvements with the implementation of 5G offer major advantages to your customers but at the same time require a shared implementation of network management and security solutions to protect them from new and wider threats.An advanced 5G security solution will empower and safeguard the information assets of your customers.Gain key insights about features of telecom 5G security solutions, top vendors, and how to implement this technology in your organization.
Don’t Be Shellshocked - Eliminate the Security Risks of Shellshock Quickly
Note: Security
Eliminate the security risks of Shellshock quickly. A brief research note for Info-Tech’s members.
Shellshock has been rated one of the highest security risks possible.
Embed Privacy and Security Culture Within Your Organization
Blueprint: Security
A strong security program and privacy framework are fundamental to successful organizations and require a proactive approach that embeds principles in the operational seams of the organization. But building a privacy and security culture extends beyond projects, controls, and metrics, and it...
Drive employee engagement with privacy and security via governance and process integration.
Technical controls are a start, but privacy and security need to become part of the organizational culture.. While privacy and security continue to make headlines and are top of mind for both IT and business leaders, employees still express disengagement and lack of ownership over their role in promoting these principles in their work.
Embed Privacy and Security Culture Within Your Organization – Executive Brief
Note: Security
Privacy and security are two heavy-hitting items that all organizations need to account for. Technical controls are a start, but privacy and security need to become part of the organizational culture.
Security or Quality…Why Can’t I Have Both?
Tech Note: Vendor Management
A recent survey sponsored by SAI Global indicates that consumers value data protection over quality. According to the results, three quarters of the respondents said they would be willing to live with lesser quality products if it meant increased security.
According to the results, three quarters of the respondents said they would be willing to live with lesser quality products if it meant increased security.
Establish Effective Security Governance & Management
Blueprint: Security
Many organizations misunderstand security governance and management as simply a matter of policies and processes. However, policies and processes – while important – do not become governance on their own. Good governance, really, stems from a deep understanding of stakeholder interactions and...
The key is in stakeholder interactions, not policy and process.
Security Management. academy-course. Security. Establish the missing bridge between security and the business to support tomorrow's enterprise with minimal resources.This course makes up part of the Security & Risk Certificate..
Security Management
Academy Course: Security
Establish the missing bridge between security and the business to support tomorrow's enterprise with minimal resources.This course makes up part of the Security & Risk Certificate.