Manage Digital Risk
Address Critical Business Needs
Fraud Management Metrics that Drive Investment
If your role is responsible for a budget, your work ultimately revolves around one word: metrics. It is a word we often dread, because we can never seem to get it right. I live and breathe metrics in marketing, and if you are the gal or guy responsible for the fraud management or cyber security...
Read more
Metrics (Not Just Fun Facts!) Are key to driving a Business-Driven Security Strategy
Dave Gray & Azeem Aleem “What’s Measured Improves” Peter Drucker It’s mid-2017 and we have already witnessed the conundrum across organizations as the pressure of building a more efficient business creates loopholes for cyber criminals to gain an advantage. In a previous blog we talked about the traditional perimeter melting away and how the “not...
Measure your Readiness - Threat Intelligence Program
In the first part of this series we talked about the journey to undertake building a security monitoring and incident response program based on five dimensions: analytics, governance, measurement, operational and organizational. The third main program, also considered a primary capability of an effective Security Operations Center, is the development of tactical,...
Conversations with the SBIC: What's Top-of-Mind for Top Security Leaders? (Pt. 1)
We recently had the opportunity to discuss what’s top-of-mind for the Security for Business Innovation Council (SBIC), a group of security leaders from Global 1000 enterprises including Boeing, General Electric, Walmart, SAP and ADP. If there’s one thing SBIC members agree on it’s this: security strategies that focus solely on prevention just doesn’t work in...
Measure your Readiness - Incident Response Program
In today’s threat landscape it is a challenge to prevent the entire spectrum of attack vectors from impacting an organization. This is especially true with the increased adoption of new disruptive technologies and services such as cloud computing, mobility, BYOD and an increase in collaboration with third-parties who have access to the corporate’s network. On...
NIST Cybersecurity Framework (CSF) Spring 2017 Workshop Findings
To shape their Cybersecurity Framework (CSF), NIST convenes a series of workshops open to any industry practitioners, vendors, or academics who wish to attend. I recently returned from the 2017 NIST CSF Workshop at their headquarters in Gaithersburg, MD. For those interested in the NIST CSF but were unable to attend, I will quickly run...
Measure your Readiness - Security Monitoring Program
In the previous post of this series “Measure your Readiness”, I depicted a framework to assess, shape and accelerate a Threat-Driven Incident Response program useful for all kind of organizations to enhance their response capabilities and be ready to deal with unforeseen incidents. The second post in the series aims to look at the “security...
"Pain and Progress" in Managing Digital Risk
IT security and business risk teams embrace the security-risk convergence.
Yin and Yang: Two Views on IAM - Active Directory Automation, Success or Failure?
By Steve Mowll and Chris Williams Point: Effective identity management strategies are business-based, and should rise above technical limitations. Steve Mowll, Identity Architect, RSA True point, but in order to have effective strategies, they must be directed towards a desired outcome. Let’s take a look at this idea using Active Directory (AD) projects as an...
Jumpstart Incident Response
Jumpstart incident response. Reduce time to respond.
Blog posts by category
Around RSA
Industry Perspectives
Products & Solutions
Securing the Digital World
The Language of Cybersecurity
Need help? Click on the button below to begin a chat session.
