“A single arrow is easily broken, but not ten in a bundle.” – Japanese proverb
Is prevention of cyber attacks impossible? Is trying to prevent attacks a waste of time? Should we spend all our time focused on incident response?
These are constant questions in cybersecurity, and while the truth is that we can’t prevent everything, prevention of a significant majority of attacks is indeed possible. With the implementation of strong security policies, regular analysis of trends and tactics, and, most importantly, shared, actionable threat intelligence to feed into our defenses, this can be a reality. …Continue reading
With the invention of the computer and networks such as the Internet, corporate assets and delivery channels have changed in composition from the physical to the digital. The risks to these assets have also evolved. Now, the risks corporations face are increasingly cyber enabled ones. Not surprisingly, policy makers, regulators, and increasingly, shareholders, have also trained their attentions on corporate cybersecurity and the Boards of Directors, which oversee the management of this cyber risk. Indeed, when it comes to cyber, nowadays, all eyes are on the boardroom. As Securities and Exchange Commissioner Luis Aguilar warned, “boards that choose to ignore, or minimize, the importance of cybersecurity responsibility do so at their own peril.” …Continue reading