SEARCH
Archive
Humans Are Bad at Risk Assessment, and Other Stories
Risk management is not one of humanity's strong points, but we can learn some lessons from our own real life experiences to apply to our security careers.
Rather Than Measuring Risk, Fix an Interesting Problem
Measuring risk is a notoriously hard task, so Andy Ellis suggests teams focus on fixing the problems in fornt of them instead of trying to measure what could happen.
Morgan Stanley to Pay $60 Million Fine for 2016 Data Breach
Morgan Stanley has agreed to pay a $60 million fine for its repeated failures to adequately protect customer data when disposing of old equipment.
Understanding Asset Mix for Effective Vulnerability Management
Which platform is the riskiest: Windows, Mac, Linux, Unix, or a networking device? Latest research from Kenna Security and Cyentia Institute shows that CISOs have to consider both the number of vulnerabilities and how issues are addressed in order to determine risk.
Use Data, Not Magical Thinking
Many security leaders rely on a cost-per-record metric to calculate the costs of a security incident. The latest research from Cyentia Institute using Advisen data shows estimates based on that metric are frequently inaccurate.