Security news aggregator

Latest coverage for Strategy

Cybersecurity strategy guides how organizations prioritize risks, protect critical systems, and prepare for incidents, recovery, and resilience.

5 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Security strategy is the long-term direction an organization uses to manage information-security risk and support its business objectives. It sets priorities for protecting systems and data, assigns decision-making authority, defines acceptable risk, and guides investment in controls, skills, architecture, and suppliers. A sound strategy turns risk assessments and threat intelligence into measurable security outcomes rather than a disconnected list of tools.

For practitioners, strategy determines which assets and attack paths receive priority in vulnerability management, how privacy and regulatory obligations shape data handling, and what capabilities must exist for detection, containment, recovery, and testing. It should account for dependencies such as cloud services, software providers, identities, and legacy systems, while establishing review points as technology, threats, and business operations change. Effective governance links these choices to owners, budgets, metrics, and documented exceptions.

Showing 5 most recent headlines Filtered view
Bank Info Security 1 year, 10 months ago

ISMG Editors: CISO Disclosure Rules Changing Post-SolarWinds

Also: Ransomware Threats in Healthcare; the Growth of MimecastIn the latest weekly update, ISMG editors discussed the evolving disclosure responsibilities of CISOs, yet another ransomware attack targeting the healthcare sector, and Mimecast's latest strategic acquisition as part of its broader expansion efforts.

Bank Info Security 1 year, 10 months ago

How Ransomware Group Stability Affects Payment Decisions

Robert Boyce on Accenture's Strategy for Assessing the Behavior of Ransomware GangsAccenture Global Cyber Resilience Lead Robert Boyce outlines why organizations must assess the stability of ransomware groups before deciding how to respond to extortion threats. He outlines how trustworthiness of ransomware gangs can affect the likelihood of receiving decryption keys after payment.

Bank Info Security 1 year, 10 months ago

Cybersecurity Consulting: Is It the Right Career for You?

Explore the Wide Range of Categories and Services and What It Takes to Do the JobCybersecurity consulting encompasses a wide array of services and specialties, ranging from high-level strategic guidance to hands-on technical support. Discover the categories and learn how to position yourself as a trusted expert in the cybersecurity consulting field.