Security

Combine Security Risk Management Components Into One Program

March 22, 2019

IT departments are tasked with implementing new projects, but are often unsure how to assess the risk. Often, they use informal discussions that do...

Dive Into Five Years of Security Strategies

February 28, 2019

Since 2013, Info-Tech’s “Build an Information Security Strategy” research has been used to help our members build their security programs. Using ou...

Build an Information Security Strategy

February 28, 2019

Technology sophistication and business adoption, the proliferation of hacking techniques, and the expansion of hacking motivations from financial t...

Build a Privacy Program

February 27, 2019

Don’t wait until a privacy incident occurs – start building a privacy program now. Use Info-Tech’s Privacy Framework to understand your current sta...

Develop Necessary Documentation for GDPR Compliance

February 22, 2019

Understand your GDPR requirements concerning your data protection officer, retention requirements, and privacy and cookie policies. Use this bluepr...

Close the InfoSec Skills Gap: Develop a Technical Skills Sourcing Plan

January 31, 2019

The cybersecurity skills gap is an ever-growing challenge that all organizations will eventually face. To circumvent the problem, actively plan for...

Improve Security Governance With a Security Steering Committee

November 23, 2018

Successful information security governance requires a venue to address security concerns with participation across the entire business. Without acc...

Align Your Security Controls to Industry Frameworks for Compliance

October 09, 2018

When assessing your information security program against an industry framework, don’t reinvent the wheel; use the tools in this blueprint to align ...

Embed Security Into the DevOps Pipeline

March 04, 2019

Transcend traditional application security approaches and embrace the agile mindset to shift security left. Use innovation and automation to secure...

Build a Vendor Security Assessment Service

December 07, 2018

Risks from third parties are on the rise, but many organizations still struggle with how to tackle this problem. A risk-based approach is needed to...

Master Your Security Incident Response Communications Program

August 31, 2018

Many organizations do not have an incident response plan, and those that do often forget to include a communications plan, leading to time loss whi...

Simplify Identity and Access Management

August 31, 2018

This research will lay the groundwork for establishing a centralized, effective, and efficient system for managing identity and access. We will hel...

Understanding Regulation With Blockchain Technology

July 24, 2018

Understand the implications of blockchain from a usage and forensic perspective, as well as the potential unique issues of this transformative tech...

Identify Opportunities to Mature the Security Architecture

July 10, 2018

Organizations require an effective security architecture in order to connect security to the business. This blueprint demonstrates Info-Tech’s appr...

Design a Tabletop Exercise to Support Your Security Operation

January 25, 2018

The use of a tabletop exercise is an excellent way to test the effectiveness of an organization’s overall security program, the investment of techn...

Develop Your Security Outsourcing Strategy

December 18, 2017

The need and importance of IT security is growing but most organizations lack the time and resources needed to create a mature security program int...