Do you use any data loss prevention products as part of your compliance/security program?

The Driver Behind This

Regulated and sensitive information can leave your environment quicker than you realize. Data loss prevention (DLP) systems can prevent this information from leaving your control in unauthorized manners. Whether that’s from an employee copying the information to take it so they can work from home or an adversary that has managed to infiltrate and embed in your environment – we’re talking about the insider threat.  The ability to identify this information leaving your environment is crucial.  This is being driven from a variety of regulatory and contractual requirements and you are on the hook to ensure the information you’ve been entrusted with is protected. It doesn’t matter if you’re talking about the information that has been provided by your customers, shared by your business partners or your own intellectual property – you must protect it.  Being able to detect and respond plays a major role in supporting your claims of conforming with the relevant regulatory drivers, but also in the midst of responding to an incident where you have to know and get to ground truth on what data that you’re accountable for, left your organization.

Continue reading “Do you use any data loss prevention products as part of your compliance/security program?”

What are you doing regarding threat intelligence?

Another Question to Consider: How do you get your actionable cyber threat intelligence?

The Driver Behind This

Understanding the threats you face is the first step (identification) of a Risk Management program and ultimately how the organization manages risks.  The organization’s ability to collect, process and analyze cyber threats goes a long way in protecting the organization and reducing its risk.  

Continue reading “What are you doing regarding threat intelligence?”

What are you doing regarding Identity and Access Management?

Another Question to Consider: What is the central authority that governs your active directory domains?

The Driver Behind This

Identity (and by extension access) is at the center of not only security, but compliance as well.  The way your organization manages users is critical, now more than ever.   The way your organization protects authorized identities, ensures policy compliance, and provisions access to sensitive/regulated data all drives toward the overall organizational risk posture.  

Continue reading “What are you doing regarding Identity and Access Management?”

Global IT Governance Expert Panel, Session 3: Governance systems

Global experts weigh in with their top tips on transitioning to the new normal in the context of privacy, cybersecurity, and IT governance systems. Join us for this three-part webinar series as we engaged with these experts on their advice on today’s hot topics.

Meet the Panel

Global pandemics don’t stop IT governance, they expose the need to change it! Top experts offer their tips on the new normal in IT governance systems.

Recorded May 27, 2020 07:00 AM Central Time

Webinar is now available!!!

Audio only version available here

Circle City Con Indianapolis, IN 2015 – The Answer is 42 – InfoSec Data Visualization (Making Metric Magic Business Decisions)

June 13, 2015

In this presentation on June 13th, 2015 The Rubicon Advisory Group founder, Edward McCabe, speaks at Circle City Con in Indianapolis, Indiana on the topic of The Answer is 42 – InfoSec Data Visualization (Making Metric Magic Business Decisions) and why a network baseline and relatable business metrics have so much an impact.

Continue reading “Circle City Con Indianapolis, IN 2015 – The Answer is 42 – InfoSec Data Visualization (Making Metric Magic Business Decisions)”