CISO Corner: The NYSE & the SEC; Ransomware Negotiation Tips
Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps.
Cybersecurity strategy guides how organizations prioritize risks, protect critical systems, and prepare for incidents, recovery, and resilience.
Search across headline titles and summaries.
Background for this topic.
Security strategy is the long-term direction an organization uses to manage information-security risk and support its business objectives. It sets priorities for protecting systems and data, assigns decision-making authority, defines acceptable risk, and guides investment in controls, skills, architecture, and suppliers. A sound strategy turns risk assessments and threat intelligence into measurable security outcomes rather than a disconnected list of tools.
For practitioners, strategy determines which assets and attack paths receive priority in vulnerability management, how privacy and regulatory obligations shape data handling, and what capabilities must exist for detection, containment, recovery, and testing. It should account for dependencies such as cloud services, software providers, identities, and legacy systems, while establishing review points as technology, threats, and business operations change. Effective governance links these choices to owners, budgets, metrics, and documented exceptions.
Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps.
Afni CISO Brent Deterding on Strategic Importance of Privileged Access ManagementImplementing PAM helps businesses avoid costs, increase efficiency, enhance client satisfaction, enable sales and ensure compliance, said Brent Deterding, CISO at global contact center firm Afni. "Security needs to enable the business," he said.
What to Do to Protect the Sensitive Data You Submit to Online AI ToolsArtificial intelligence tools are both a blessing and a curse for companies. They enable staff to be more efficient and get tasks done quicker, but they also allow an ever-increasing amount of sensitive data to walk out of the organization. Risk management controls need to be in place.