Security news aggregator

Latest coverage for Strategy

Cybersecurity strategy guides how organizations prioritize risks, protect critical systems, and prepare for incidents, recovery, and resilience.

12 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Security strategy is the long-term direction an organization uses to manage information-security risk and support its business objectives. It sets priorities for protecting systems and data, assigns decision-making authority, defines acceptable risk, and guides investment in controls, skills, architecture, and suppliers. A sound strategy turns risk assessments and threat intelligence into measurable security outcomes rather than a disconnected list of tools.

For practitioners, strategy determines which assets and attack paths receive priority in vulnerability management, how privacy and regulatory obligations shape data handling, and what capabilities must exist for detection, containment, recovery, and testing. It should account for dependencies such as cloud services, software providers, identities, and legacy systems, while establishing review points as technology, threats, and business operations change. Effective governance links these choices to owners, budgets, metrics, and documented exceptions.

Showing 12 most recent headlines Filtered view

Beijing, now Moscow.… Who else is hiding in broadband gateways? The US government today said it disrupted a botnet that Russia's GRU military intelligence unit has been using for phishing expeditions, spying, credential harvesting, and data theft against American and foreign governments and other strategic targets.…

Bank Info Security 2 years, 5 months ago

They're Back: HHS OCR Plans to Resurrect Random HIPAA Audits

Agency Is Surveying Previous Auditees to Reassess Dormant Audit ProgramAs U.S. federal regulators fine-tune a strategy to push the healthcare sector into a stronger cybersecurity posture, they are also dusting off a HIPAA compliance audit program that's been dormant for the last seven years. A new round of HIPAA audits for regulated entities is in the works.

Bank Info Security 2 years, 5 months ago

They're Back? HHS OCR Is Eyeing the Return of HIPAA Audits

The Agency Is Surveying Previous Auditees to Reassess the Dormant ProgramAs U.S. federal regulators fine-tune a strategy to push the healthcare sector into a stronger cybersecurity posture, they appear to be dusting off a HIPAA compliance audit program that's been dormant for the last seven years. Is a new round of HIPAA audits for regulated entities on the horizon?

Bank Info Security 2 years, 5 months ago

Bipartisan Senate Bill Requires HHS to Bolster Cyber Efforts

Legislation Aims to Evaluate and Improve Agency's Cybersecurity PostureA new bipartisan Senate bill would require the U.S. Department of Health and Human Services to biennially conduct cybersecurity reviews and tests on its IT systems and report to Congress on how it is updating its cybersecurity strategy to keep up with evolving cyberthreats.

Bank Info Security 2 years, 5 months ago

Bugcrowd Receives $102M Strategic Growth Funding Round

Company Will Use Investment to Expand Services, says CEO Dave GerryBugcrowd received a $102 million venture capital investment to fuel strategic growth, the company announced Monday. "Our customers are outgunned and outmatched. They need to tap into all this creativity that exists within the hacker community," said company CEO Dave Gerry.

Bank Info Security 2 years, 5 months ago

Bugcrowd Attains $102M Strategic Growth Funding Round

Company Will Use Investment to Expand Services, says CEO Dave GerryBugcrowd received a $102 million venture capital investment to fuel strategic growth, the company announced Monday. "Our customers are outgunned and outmatched. They need to tap into all this creativity that exists within the hacker community," said company CEO Dave Gerry.