Security news aggregator

Latest coverage for Strategy

Cybersecurity strategy guides how organizations prioritize risks, protect critical systems, and prepare for incidents, recovery, and resilience.

4 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Security strategy is the long-term direction an organization uses to manage information-security risk and support its business objectives. It sets priorities for protecting systems and data, assigns decision-making authority, defines acceptable risk, and guides investment in controls, skills, architecture, and suppliers. A sound strategy turns risk assessments and threat intelligence into measurable security outcomes rather than a disconnected list of tools.

For practitioners, strategy determines which assets and attack paths receive priority in vulnerability management, how privacy and regulatory obligations shape data handling, and what capabilities must exist for detection, containment, recovery, and testing. It should account for dependencies such as cloud services, software providers, identities, and legacy systems, while establishing review points as technology, threats, and business operations change. Effective governance links these choices to owners, budgets, metrics, and documented exceptions.

Showing 4 most recent headlines Filtered view
Bank Info Security 2 years, 5 months ago

Getting More Out of Investments in Network-Centric Solutions

Investor Pramod Gosavi on Network Access, Endpoint Controls in a Zero Trust WorldVenture capital investor Pramod Gosavi discussed the drawbacks of relying on network-centric cybersecurity solutions that are driving up costs. He recommended proactive strategies, such as zero trust, that emphasize minimal access and continuous verification and investments in AI-based technologies.

Bank Info Security 2 years, 5 months ago

Bolstering Healthcare Cybersecurity: The Regulatory Outlook

The Biden administration's strategy for bolstering health sector cybersecurity, which includes newly released voluntary cyber performance goals and plans to update the HIPAA Security Rule, is fueling uncertainty in some organizations, said privacy attorney Iliana Peters of law firm Polsinelli.

2024 will be the year of the vCISO. An incredible 45% of MSPs and MSSPs are planning to start offering vCISO services in 2024. As an MSP/MSSP providing vCISO services, you own the organization’s cybersecurity infrastructure and strategy. But you also need to position yourself as a reliable decision-maker, navigating professional responsibilities, business needs and leadership