The evolution of the Chief Information Security Officer (CISO) role from its nascent stages in the 1980s to its current state reflects the dramatic changes in the digital and cybersecurity landscapes. Initially, as the internet and technology use in business was burgeoning, there was scant consideration for security or privacy, with systems built for openness to facilitate … [Read more...] about The Past, Present, And Future Of Chief Information Security Officers (CISOs)
Business continuity vs. disaster recovery vs. incident response
In today's digital age, where almost every aspect of a business is connected to technology, organizations face the constant threat of cyberattacks that can disrupt their critical IT ecosystem. To mitigate such threats and ensure digital resilience, businesses must have comprehensive plans for business continuity, disaster recovery, and incident response. Business continuity … [Read more...] about Business continuity vs. disaster recovery vs. incident response
Biometric Authentication in Business: Enhancing Security
Biometric authentication emerges as a powerful security measure for businesses to protect sensitive information and valuable assets amidst the growing cyber threats in the digital age. This method verifies individuals' identities using unique physical or behavioral characteristics, such as fingerprints, iris patterns, facial features, voice patterns, and typing patterns. … [Read more...] about Biometric Authentication in Business: Enhancing Security
An In-Depth Guide to the 2022 Controls in ISO 27001
In its 2022 update, ISO 27001 introduced eleven new controls to bolster defenses against cybercrime's ever-evolving landscape. These controls underline the standard's commitment to maintaining a high level of resilience and ensuring the safety and trustworthiness of organizational operations. These new controls encompass a variety of areas crucial for the modern digital … [Read more...] about An In-Depth Guide to the 2022 Controls in ISO 27001
ISO 42001: A New AI Management System for the Trustworthy Use of AI
With the rapid advancement and integration of Artificial Intelligence (AI) into organizational operations, concerns around AI's security, privacy, fairness, and transparency have become more pronounced. Recognizing these concerns, ISO is set to introduce ISO 42001 in 2024, a standard to establish safeguards and best practices for an AI Management System (AIMS). This new … [Read more...] about ISO 42001: A New AI Management System for the Trustworthy Use of AI
10 Best ISO 27001 Compliant Security Companies in 2024
In the dynamic digital world of 2024, businesses increasingly rely on technology, making it paramount to protect sensitive data and uphold robust security protocols. The international standard ISO 27001 sets the benchmark for creating, implementing, maintaining, and continually improving an Information Security Management System (ISMS). Achieving ISO 27001 compliance is not … [Read more...] about 10 Best ISO 27001 Compliant Security Companies in 2024
Migrate Off That Old SIEM Already!
In cybersecurity, the reliance on traditional Security Information and Event Management (SIEM) systems within Security Operations Centers (SOC) remains prevalent even as we navigate through 2024. These systems, pivotal for collecting and analyzing security data, are instrumental in swiftly identifying and responding to threats. However, using outdated SIEM technologies poses … [Read more...] about Migrate Off That Old SIEM Already!
A Guide to Effective Cloud Privileged Access Management
The landscape of cloud security has evolved significantly, transitioning from skepticism among enterprises to becoming a widely accepted and secure platform for organizations of various sizes. However, securing the cloud environment is more complex than it might seem; it requires a nuanced approach to manage privileged access effectively. The article emphasizes the complexity … [Read more...] about A Guide to Effective Cloud Privileged Access Management
Is your cloud security strategy ready for LLMs?
The rapid adoption of large language models (LLMs) in enterprise environments in 2024 has brought new cybersecurity challenges to the forefront, particularly concerning data leakage and the complexities introduced by integrating LLMs with cloud services. With enterprises increasingly hosting multiple iterations of LLMs across their cloud environments, the risk landscape … [Read more...] about Is your cloud security strategy ready for LLMs?
Key strategies for ISO 27001 compliance adoption
In an interview with Help Net Security, Robin Long of Kiowa Security shared key strategies for adopting ISO 27001 compliance, emphasizing the need for a detailed project roadmap and early booking of certification audits. Long advocates for prioritizing a limited number of security wins before fully implementing the standard and stresses the importance of selecting an internal … [Read more...] about Key strategies for ISO 27001 compliance adoption
Organizations are Embracing Cyber Insurance, But It’s Not Easy: Survey
The increasing prevalence and sophistication of cyberattacks, coupled with their significant financial ramifications, have pushed more organizations towards adopting cybersecurity insurance, as revealed by a survey conducted by Recast Software. The necessity for cyber insurance is recognized amid the challenges businesses face in meeting insurers' stringent requirements and … [Read more...] about Organizations are Embracing Cyber Insurance, But It’s Not Easy: Survey
I Stopped Using Passwords. It’s Great—and a Total Mess
The transition from traditional passwords to passkeys represents a significant shift in online security and convenience. The author shares their journey of dealing with cumbersome and numerous passwords, highlighting the common frustrations many face with password management. Introducing passkeys, which utilize public key cryptography to allow for more secure and … [Read more...] about I Stopped Using Passwords. It’s Great—and a Total Mess
Key Performance Indicators (KPIs), Key Behavior Indicators (KBIs), Objectives and Key Results (OKRs)
Ted Hessing's article delves into the fundamental frameworks of Key Performance Indicators (KPIs), Key Behavior Indicators (KBIs), and Objectives and Key Results (OKRs) that are pivotal in measuring and tracking performance in business and management. KPIs focus on quantifiable metrics that reflect an organization's overall performance and success in achieving its key business … [Read more...] about Key Performance Indicators (KPIs), Key Behavior Indicators (KBIs), Objectives and Key Results (OKRs)
Data Quality vs. Data Enrichment
Manufacturers are collecting information from an ever-broadening network of sources. Whether it’s time-series data from traditional physical sensors, real-time video streams, or unstructured and manually entered reports, data are at the core of day-to-day operational decision making. What are the nuances of Data Quality (DQ) and Data Enrichment? Highlighting their critical … [Read more...] about Data Quality vs. Data Enrichment
Data Speaks for Itself: Is AI the Cure for Data Curation?
The full article delves into the complex relationship between artificial intelligence (AI), specifically generative AI, and data quality management. What is the crucial role of high-quality data in developing successful AI models? We can draw parallels to how healthy food benefits humans, suggesting that data acts as sustenance for AI. Despite the excitement surrounding AI's … [Read more...] about Data Speaks for Itself: Is AI the Cure for Data Curation?
Measuring the integrated reporting quality in Europe: balanced scorecard perspectives
This study by Omar Hassan Ali Nada and Zsuzsanna Győri explores the adoption and quality of integrated reports (IR) in the European Union (EU) from 2013 to 2020. Utilizing a sample of 147 listed firms across 18 EU countries, the research constructs a disclosure index based on the Balanced Scorecard (BSC) to reflect the content of integrated reports. The study reveals a … [Read more...] about Measuring the integrated reporting quality in Europe: balanced scorecard perspectives
Elevate Your Audits: Upgrade Your Conventional Audit Program With A Risk-Based Approach
(Note: This article requires a free account and log-in from ASQ.org) This article by Lance B. Coleman Sr. emphasizes the importance of integrating risk management into auditing processes. It advocates for a shift from traditional auditing to a risk-based approach, where risk considerations are central in structuring, planning, executing, reporting, and closing audits. This … [Read more...] about Elevate Your Audits: Upgrade Your Conventional Audit Program With A Risk-Based Approach
Differentiating Between Tactile and Optical Measurement Technology for Dimensional Inspection
The article addresses the evolving requirements in part quality assessments within manufacturing processes, emphasizing the need for precise geometric dimension checks and comprehensive documentation. It introduces a critical decision-making process for acquiring new 3D measuring systems—choosing between tactile and optical measurement technologies. Tactile 3D systems, which … [Read more...] about Differentiating Between Tactile and Optical Measurement Technology for Dimensional Inspection
A Fool-proof Plan for Building an Effective CAPA Process
(Note: Whitepaper download requires the creation of a free account and log-in) This whitepaper outlines a plan for building an effective Corrective Action, Preventive Action (CAPA) process, a crucial aspect scrutinized by the Food and Drug Administration (FDA). Highlighting the frequent issuance of warning letters due to poor CAPA implementation and documentation, the paper … [Read more...] about A Fool-proof Plan for Building an Effective CAPA Process
Podcast: Your Path to Become a Certified Lead Auditor
The ISO Review Podcast, hosted by Jim Moran, an ISO Management System Professional with 30 years of experience, delves into the specifics of becoming a certified lead auditor for ISO management systems. Moran explains that every certified ISO management system requires a lead auditor, highlighting the importance of understanding the steps and qualifications necessary for this … [Read more...] about Podcast: Your Path to Become a Certified Lead Auditor