Information Security and Security Performance

Information Security

Security Performance

Why metrics are crucial to proving cybersecurity programs’ value

CSO Magazine

MARCH 30, 2022

The National Institute of Standards and Technology (NIST) has pioneered information security performance measurement model s that can produce metrics. Note: NIST’s work in this area is now being updated.)

Cybersecurity

Cybersecurity Security Performance Information Security Government

Celebrazione! AgID Certification To Provide Cloud Services in Italy

Duo's Security Blog

MARCH 22, 2021

Working with Trusted Partners Duo’s dedication and commitment to meeting the specific compliance requirements across all regions supported by Duo is confirmed by this certification that shows we provide the highest levels of security, performance, availability and transparency for our customers all over the world.

CISO

CISO Data privacy Security Performance Information Security

Join 29,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Trending Sources

Implementing and Maintaining Security Program Metrics

NopSec

NOVEMBER 19, 2021

A strong commitment to information security within the highest levels of an organization’s executive management team helps protect the security program from organizational pressures and budget limitations. Level 2: Quantify Performance Targets. Foundation: Stakeholder support. Level 1: Governance.

Policy Compliance

Policy Compliance Information Security Risk Cybersecurity

NBlog Aug 23 - ISMS comms plan

Notice Bored

AUGUST 23, 2020

Oh no, it's more circumspect: the standard says "the organization shall determine the need for internal and external communications relevant to the information security management system". on security awareness which is already in the plan anyway: maybe we should mention A.7.2.2 in the preamble though.

Information Security

Information Security Security Awareness Security Performance Risk

3CX data exposed, third-party to blame

Security Affairs

JUNE 20, 2023

Interestingly, after 3CX dealt with the cascading supply chain attack, it released a seven-step security action plan that discussed crucial steps to avoid similar leaks, such as a need to harden its network security, perform pen testing, and set up a new department for network operations and security.

Software

Software Data breaches Security Performance Malware

Boffins found a bug in Apple AirDrop that could leak users’ personal info

Security Affairs

APRIL 26, 2021

PrivateDrop is based on optimized cryptographic private set intersection protocols that can securely perform the contact discovery process between two users without exchanging vulnerable hash values.” . “We developed a solution named PrivateDrop to replace the flawed original AirDrop design. ” state the researchers.

Wireless

Wireless Authentication Security Performance Mobile

A critical flaw in Jetpack exposes millions of WordPress sites

Security Affairs

NOVEMBER 21, 2019

Jetpack is a popular WordPress plugin with over 5 million active installations that provides a suite of features for security, performance, and site management. A critical vulnerability affects the Jetpack WordPress Plugin version Jetpack 5.1. The popular plugin was developed and maintained by Automattic, the company behind WordPress.

Advertising

Advertising Hacking Security Performance Cybercrime

Do Not Confuse Next Generation Firewall And Web Application Firewall

SiteLock

OCTOBER 21, 2021

Some information security specialists confuse the concepts of WAF and NGFW. Let us start with the abbreviations that define the categories of information security products: WAF stands for Web Application Firewall , NGFW stands for Next Generation Firewall. We have an NGFW, do we need a WAF?" or "Why do we need WAF?"

Firewall

Firewall Information Security Penetration Testing Banking

News alert: LayerX Security raises $24M Series A funding for its ‘enterprise browser’ security platform

The Last Watchdog

MAY 2, 2024

Early adoption by Fortune 100 companies worldwide, LayerX already secures more users than any other browser security solution and enables unmatched security, performance and experience Today’s modern enterprise employees rely heavily on browser-based services and SaaS applications.

Marketing

Marketing Technology Phishing Risk

What Is a SaaS Security Checklist? Tips & Free Template

eSecurity Planet

APRIL 9, 2024

ISO 27000 is a standard for information security and SOC is for maintaining consumer data integrity and security across several dimensions. Is your firm in compliance with the Payment Card Industry Data Security Standard (PCI DSS) to protect cardholder data during transactions?

Risk

Risk Threat Detection Data breaches Encryption

McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump

McAfee

AUGUST 24, 2021

From the 1960’s to 2000 infusion pumps were mostly electromechanical devices with some embedded electronics, but the turn of the century delivered “smarter” devices with better safety mechanisms and the possibility to program them, which slowly opened the door to information security challenges.

Computers and Electronics

Computers and Electronics Authentication Software Risk

Cyber Security Informer

Why metrics are crucial to proving cybersecurity programs’ value

Celebrazione! AgID Certification To Provide Cloud Services in Italy

Trending Sources

Implementing and Maintaining Security Program Metrics

NBlog Aug 23 - ISMS comms plan

3CX data exposed, third-party to blame

Boffins found a bug in Apple AirDrop that could leak users’ personal info

A critical flaw in Jetpack exposes millions of WordPress sites

Do Not Confuse Next Generation Firewall And Web Application Firewall

News alert: LayerX Security raises $24M Series A funding for its ‘enterprise browser’ security platform

What Is a SaaS Security Checklist? Tips & Free Template

McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump

Stay Connected