The Three Step Security Strategy

October 8, 2019

Why Does Strategy Matter? The term ‘security strategy’ can be ambiguous and often means different things to different people. Because of this, many organizations do not have a formalized security strategy and those that do may not have an effective one. This is understandable. Managing the day-to-day issues associated with a security program (alerts, audits,…


Attacks on the Rise Through Office 365

September 17, 2019

Office 365 is the most popular line of digital services for businesses for a reason, but when it comes to cyberattacks, its ubiquity is creating challenges. If it seems like every week there’s a new headline about a large-scale hacking incident, it’s not a case of rampant fake news. According to the 2018 Symantec Internet Security…


Top Six Security and Risk Management Questions

March 12, 2019

Recently, Gartner put out a report on the top 10 inquiries regarding security projects. The report is based on their analysis of over 10,200 client interactions covering relevant security and risk management topics from July 2018 through January 2019 (see the research here). Interestingly enough, TrustedSec has heard similar inquiries regarding product offerings in discussions…


Current Security Trends in 2019

February 7, 2019

As the information security industry continues to mature, several things have changed, but many of the fundamental issues remain—even in the face of new technologies, threats, and regulations. Understanding and responding to current trends provides the opportunity for security and risk management leaders to better improve security, increase resiliency, and support the business. With renowned…


Few cons to bringing in the pros: Why should you have a third-party risk and security assessment?

January 10, 2019

At TrustedSec, we get about 400-500 inquiries for security assessments every year. Some of the questions we still hear quite often are: Why does our company need to do a risk and security assessment? Why can’t we just do it ourselves? We already know we’re terrible—why do we need you to tell us that? There…


Penetration Testing has gotten tougher – and why that increases your risk

June 4, 2018

There’s been a radical shift in the assessment industry over the last couple of years. We’ve all probably heard that Artificial Intelligence, Machine Learning, User and Entity Behavioral Analysis, Analytics, Detection and Response tools, etc., are advancing and improving defensive postures. According to Gartner, annual spending on defensive security technology will exceed $82 billion…


How to Leverage Threat and Attack Intelligence in your Risk Assessments

May 17, 2018

Risk assessment methodologies in general were built before much of the information we have today was available. Thus, we need to take advantage of the latest advances in threat intelligence and attack intelligence to make security risk assessments more valuable and aligned with real life. “What the hell do you know about TCAP?” Based on my…


Ensuring Risk Assessments have a (Business) Impact

May 15, 2018

Risk is a term that gets thrown around quite a bit, and like its distant cousin “pentest”, it has a tendency to be used to describe many very different things. There are many “standard” Risk formulas out in the world today that typically include some combination of the terms Asset, Threat and Vulnerability. Some of…


Building Upon Core Security & Risk Definitions

May 7, 2018

Security is evolving. That’s not news, but as it is happening, not everyone can keep up with what that means. This is especially true for those who have embraced maturing their risk and security programs while still getting traditional assessments, which have become commoditized and oftentimes not as valuable as they used to be. These…


Continual compliance

May 14, 2015

So much has been written on security versus compliance and continual compliance that it seems at times that discussing it is beating a dead horse. That being said, it is a dead horse that needs to be beaten, as we continuously come across situations where organizations find themselves in a mad dash to get into…
