Security news aggregator

Latest coverage for Strategy

Cybersecurity strategy guides how organizations prioritize risks, protect critical systems, and prepare for incidents, recovery, and resilience.

8 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Security strategy is the long-term direction an organization uses to manage information-security risk and support its business objectives. It sets priorities for protecting systems and data, assigns decision-making authority, defines acceptable risk, and guides investment in controls, skills, architecture, and suppliers. A sound strategy turns risk assessments and threat intelligence into measurable security outcomes rather than a disconnected list of tools.

For practitioners, strategy determines which assets and attack paths receive priority in vulnerability management, how privacy and regulatory obligations shape data handling, and what capabilities must exist for detection, containment, recovery, and testing. It should account for dependencies such as cloud services, software providers, identities, and legacy systems, while establishing review points as technology, threats, and business operations change. Effective governance links these choices to owners, budgets, metrics, and documented exceptions.

Showing 8 most recent headlines Filtered view

In the modern enterprise, data security is often discussed using a complex lexicon of acronyms—DLP, DDR, DSPM, and many others. While these acronyms represent critical frameworks, architectures, and tools for protecting sensitive information, they can also overwhelm those trying to piece together an effective security strategy. This article aims to demystify some of the most important acronyms

Bank Info Security 1 year, 8 months ago

BlackBerry Cuts Cylance Spend to Focus on Profitable Areas

Company Shifts Cyber Focus to QNX and Secure Communications as Key Growth DriversAs Cylance continues to incur significant losses, BlackBerry is reallocating resources toward its more promising QNX and secure communications teams. The company expects its cybersecurity unit to stabilize and become profitable by the end of the fiscal year thanks to strategic bets and cost cuts.

Bank Info Security 1 year, 8 months ago

ISMG Editors: DSPM, DLP Converge to Reshape Data Security

Also: Impact of NIS2 Directive in Europe, Cloud Governance ChallengesIn the latest weekly update, ISMG editors discussed the strategic convergence of data security posture management and data loss prevention technologies, evolving priorities of security leaders and the urgent readiness challenges posed by the NIS2 Directive.

Bank Info Security 1 year, 9 months ago

Why Cybersecurity’s Core Focus Should Be Defending Data

Mastercard’s Rigo Van den Broeck on Ensuring Cybersecurity in a Data-Driven WorldThe proliferation of data in today’s hyperconnected world presents both opportunities and risks. Rigo Van den Broeck, executive vice president of cybersecurity at Mastercard, said the sheer scale and accessibility of data require organizations to adopt proactive cybersecurity strategies.

Bank Info Security 1 year, 9 months ago

New York Financial Regulator Publishes AI Safety Guidance

Agency Details AI Cybersecurity Risks, Prevention, Mitigation StrategiesFinancial regulators with the state of New York on Wednesday published guidance to help organizations identify and mitigate cybersecurity threats related to artificial intelligence. The New York State Department of Financial Services said it's not imposing new requirements.

The link between detection and response (DR) practices and cloud security has historically been weak. As global organizations increasingly adopt cloud environments, security strategies have largely focused on "shift-left" practices—securing code, ensuring proper cloud posture, and fixing misconfigurations. However, this approach has led to an over-reliance on a multitude of DR tools spanning