NIST Releases Phish Scale User Guide for Detecting Sinister Phishing Emails
The National Institute of Standards and Technology's (NIST) Human-Centered Cybersecurity program has released the NIST Phish Scale User Guide. This guide provides comprehensive instructions for applying the Phish Scale, a global method organizations use to assess how difficult phishing emails are for people to detect. It's beneficial for implementers of phishing awareness …
Cybersecurity-Risk Management
A Primer on Cyber Insurance and the Use of Models
The article traces the history and evolution of cybercrime, from the world's first alleged cybercrime in 1834, when attackers hacked the telegraph system in France, to the modern-day surge in cyberattacks since the 2010s. Despite the overshadowing of cyber risks by other global concerns in the 2022 World Economic Forum's annual risk tabulation, cyber threats remain a …
How to Build and Maintain a Risk Register
A risk register is a vital tool for organizations, serving as an information repository to document the various risks they face and the measures taken to address them. The article emphasizes the increasing probability, severity, and innovation of cyber-attacks and the challenges many organizations face in integrating cybersecurity risk into their enterprise risk management …
What Is SIEM?
"Security Information and Event Management" (SIEM) is a security management approach that merges security information management (SIM) and security event management (SEM) into a single system. The primary objective of SIEM is to aggregate data from various sources, pinpoint changes from the norm, and pursue necessary actions, such as logging additional information or generating …