How to Communicate Cybersecurity More Effectively to The Board
Featured in Forbes, ISF CEO Steve Durbin shares his guidance on how security leaders can enable the board to make informed security decisions.
Navigating Divisions In The Workplace: The impact of social media and rise of individual ideologies
Featured in Forbes, ISF CEO Steve Durbin explores the impact and influence of social media in shaping opinions and disseminating news.
The Quantum Dilemma: Game-changer or game-ender
ISF CEO Steve Durbin explores some of the top risks, concerns, and uncertainties on the horizon for quantum computing.
Technology Governance Needs a Rethink on Prioritising Resilience Against Digital Threats
Research shows that only 3% of businesses have developed true resilience against cyber threats. ISF CEO Steve Durbin shares primary reasons for this disparity.
EXPERT OPINION: Stop Talking About Security Awareness - Let's encourage secure behaviour and culture instead
ISF Expert Richard Absalom explores why organisations need to move beyond awareness, sharing guidance on how to focus on security culture instead.
Building A More Behavior-focused Security Awareness Program
Steve Durbin shares seven recommendations on how organisations should approach their awareness and security culture programs.
Five Strategies For Boards To Enhance Governance And Resilience In The Face Of Evolving Cyber Risks
ISF CEO Steve Durbin shares five strategies on how board members can better manage and govern cyber security.
Who are BISOs and what do they bring to the cybersecurity table?
Steve Durbin, ISF Chief Executive, shares his thoughts on why organisations need a BISO and what traits are ideally suited for the role.
The Impact of Technology Failures on Business Resilience
Steve Durbin, ISF CEO, shares 5 important factors to consider when trying to mitigate and counterbalance the business impact of technology failures.
Strategies for Security Leaders: Building a positive cybersecurity culture
ISF CEO Steve Durbin shares his best practices on how security leaders can develop a positive brand and culture for cyber security.
Striking a Balance Between Business Growth, Risk Management, and Cybersecurity
Featured in Security Boulevard, ISF CEO Steve Durbin shares recommendations on how to balance business growth with risk management.
The 6 Elements Defining a Valid Cybersecurity Strategy
Featured in Forbes, ISF CEO Steve Durbin explains how you can maximise value from existing cybersecurity investments to inform strategy.
EXPERT OPINION: Resilient by design is the way forward
ISF Head of Research Paul Holland outlines the essential steps to ensure your organisation is well-positioned for cyber resilience.
From Cartels to Crypto: Trends Show Disruptive Cybercrime Evolving Rapidly
ISF CEO Steve Durbin explains why the rise of cybercrime-as-a-service, amongst other trends, is lowering entry barriers for criminals.
EXPERT OPINION: It'll never happen to us
ISF Head of Tools & Methodologies Alex Jordan shares his expert opinion on managing extinction level risks associated with suppliers.
EXPERT OPINION: Social Engineering Attacks: Understanding OSINT to mitigate risk
Over the last decade, OSINT (open-source intelligence) became a buzzword across many industries and lines…
5 recommendations for acing the SEC cyber security rule
SEC risk management and disclosure rules can be fraught with difficulties. Steve Durbin, chief executive of the ISF, offers advice for coping.
EXPERT OPINION: If we fail to prepare, we prepare to fail
ISF Head of Research Paul Holland shares his expert opinion on incident preparedness and overcoming extinction level attacks.
EXPERT OPINION: The bigger they are, the harder we will all fall
"It’ll never happen to us." Most security and risk practitioners have faced this argument at…
Readying Your Company For The New SEC Cyber Incident Disclosure And Risk Management Rules
Featured in Forbes, ISF CEO Steve Durbin breaks down the SEC material incident disclosure and enhanced governance requirements.
Generative AI vs. Predictive AI: A Cybersecurity Perspective
Featured in Security Boulevard, ISF CEO Steve Durbin underscores how organisations can find value in predictive and GenAI implementation.
ISF: Your first line of defence
Interviewed by The European, ISF CEO Steve Durbin shares the ISF perspective on implementing an effective cyber strategy.
The Core Elements of a Cybersecurity Posture
ISF CEO Steve Durbin shares seven core elements that can lay the groundwork for a healthy cybersecurity posture.
Key Takeaways from the British Library Cyberattack
Featured in Dark Reading, ISF CEO Steve Durbin shares key takeaways from the event, with guidance on practicing good information governance.
The New Security Leader: Less Techy, More Business-Savvy
ISF Distinguished Analyst, Paul Watts features in InfoRisk Today to share his perspectives on balancing cyber risk and business goals.
Urgently needed: AI governance in cyber warfare
Featured in Help Net Security magazine, ISF CEO Steve Durbin outlines the importance of aligning AI's ethics with society’s fundamental values.
Weaponized Disinformation Threatens Democratic Values
Steve Durbin, ISF CEO, shares insights into the looming AI-security threats from his interview with Brian Lord, CEO of Protection Group International.
#Infosec2024: Cyber Resilience Means Being Willing to Learn From a Crisis
Featured in Infosecurity Magazine, Distinguished ISF Analyst Paul Watts shares his views on resilience and effective cyber crisis management.
5 key elements of cyber simulation exercises to boost cyber resilience
Steve Durbin, ISF CEO, shares five key elements required to design cyber simulation exercises aimed at enhancing cyber resilience.
The Risks And Rewards Of AI: Strategies For Mitigation And Containment
ISF CEO Steve Durbin explores the major risks AI poses for today and for the future, and how we can address and mitigate these threats.
Five ways security leaders can demonstrate the business value of cybersecurity
Steve Durbin, ISF CEO, shares five best practices on how security leaders can justify the business value of cybersecurity and improve alignment with business goals.
Business Risk Preparation: The Interlocked World Of Technology, Geopolitics, Regulations And Cybersecurity
ISF CEO Steve Durbin features in Forbes to share some of the top risks organisations need to be prepared for: the impact of geopolitics on supply chains, the environmental challenges of quantum computing and more.
How to design and deliver an effective cybersecurity exercise
ISF CEO Steve Durbin featured in Help Net Security to share his insights on how to design and develop an effective cyber simulation exercise.
Geopolitical Conflicts: 5 ways to cushion the blow
ISF CEO Steve Durbin featured in Dark Reading to provide guidance on 5 key areas security leaders must navigate to cushion the blow of geopolitical conflicts.
Risky Business: 6 steps to assessing cyber risks for the enterprise
Steve Durbin featured in CSO online, sharing his six steps on how organisations can create risk assessment plans to anticipate future threats.
ISF Resources to Support the NIST Cybersecurity Framework 2.0
Discover what the latest updates to the NIST CSF mean for your organisation as Head of Tools at the ISF, Alex Jordan, provides his thoughts.
Six Steps to Help Leaders Achieve A Good Standard Of Cybersecurity
ISF Chief Executive Steve Durbin features in Forbes to outline six essential steps for security leaders to enhance their cyber readiness.
Why data, AI, and regulations top the threat list for 2024
ISF Chief Executive Steve Durbin features in Help Net Security to address three cyber security hurdles in 2024: data, AI and regulation.
Hack on Japanese Port Shows How Compromised Operational Technology Can Have a Widespread Impact
Paul Holland shares his thoughts on protecting and securing the integrity and confidentiality of information within OT environments.
How organizations can navigate geopolitical and cyber risks in an interconnected world
Globalization and hyperconnectivity have made the world more interconnected and interdependent than ever before. The…
Walking the Tightrope: Navigating the risks and rewards of AI
Steve Durbin contributes to InformationWeek to chart the course for the responsible use of artificial intelligence.
Why Organisations Should Adopt a Cloud Security Framework
Steve Durbin outlines how choosing the right cloud cyber security framework can strengthen resilience across your entire cloud supply chain.
COSMICENERGY: A new threat to OT
Paul Holland provides insight into a possible new threat to operational technology environments, specifically those in the energy sector.
Navigating Supplier Risk Challenges to Shore Up Cyber Defences
Steve Durbin delves into the key challenges organisations should address in building resilience against supply chain risks.
Four Risks and Challenges of AI Democratisation for Businesses
Steve Durbin discusses the potential risks and challenges organisations could face as they increasingly build, use or rely on AI technologies.
Top Risks and Best Practices for Securely Offboarding Employees
Outgoing employees pose significant security risks to organizations. Here are some of the major issues…
Invest in Developing a Human-Centred Security Program
Steve Durbin explores steps to developing a human-centred security program that engages your workforce to better protect your organisation.
Five Cybersecurity Trends for the Middle East in 2023
Dan Norman predicts cybersecurity trends that are set to accelerate for the Middle East in 2023.
Achieving The Five Levels Of Information Security Governance
Steve Durbin offers advice on what strategies can be taken to make information security better connected to organisational goals and strategy.
Six Principles for Building Engaged Security Governance
Steve Durbin features in TechTarget to offer insight into engaged governance and the six principles that organisations should implement.
Security and the Business: It's good to talk
Paul Watts explores the shifting nature of business, the role of the security leader, and the impact of not aligning to each other’s goals.
Measuring Cyber Security: The what, why and how
Steve Durbin explores the ways security teams can best measure, analyse and report cyber security threats and performance.
Navigating the Politics of Measuring Security
Richard Absalom explores the soft skills needed to navigate boardroom politics, ensuring measurements support decisions and drive action.
Build Cyber Resiliency With These Security Threat-Mitigation Considerations
Steve Durbin offers insight into how organisations can get on the path to developing a coherent security strategy.
It Pays to Know How Your Cybersecurity Stacks Up
Paul Watts, Distinguished Analyst for the ISF featured in Tanium magazine to share his thoughts on how security professionals can demonstrate value by adopting a shift-left mentality – a proactive stance for security that allows companies to become more agile and able to innovate.
Four Cyber Risk Trends to Watch in 2023 and How Businesses Can Mitigate Them
With cyber security becoming riskier, costlier and more complicated, Steve Durbin explores four key challenges to look out for in 2023.
Six Steps to Better Counter Supply Chain Risks
As vendor risk emerges as a top security priority, Steve Durbin provides tips you can adopt today to better manage your supply chains.
Five Top Qualities You Need to Become a Next-Gen CISO
Steve offers actionable guidelines to building and maintaining the skills and relationships that can take security leaders to the next level.
Threat Intelligence: Establishing a stream of trustworthy data
Dan Norman explores how you can create a steady stream of meaningful data that is actually relevant to your organisation.
Security Think Tank: To stop ransomware, preparation is the best medicine
Paul Watts details what you should be focussing on when thinking about business resiliency in the context of ransomware.
How Cyber Threat Intelligence Provides Security and Value to Business
Steve Durbin offers his thoughts on how enterprises can make the most out of threat intelligence for smarter security.
Best Practices to Help Strengthen Your Company's Security Culture
Human behaviour is one of the biggest challenges faced by security practitioners, leaders and cyber risk managers today.
Seven Practical Considerations for Effective Threat Intelligence
A background to the current state of threat intelligence, and practical guidance for security teams at all stages of its implementation.
Solve ICS Security Issues with ICS and IT Team Convergence
Threat actors are predicted to weaponise industrial control systems in order to harm or kill humans by 2025 - how should you prepare?
The Threat of Deepfakes and Their Security Implications
Steve Durbin discusses the cyber best practices and security controls you should be implementing now to mitigate the threat of deepfakes.
Securing Industrial Control Systems: The What, Why and How
Steve Durbin featured in Forbes to shed light on the best practices you should consider to better protect ICS environments.
How the Responsible Use of AI Can Create Safer Online Spaces
Steve Durbin offers recommendations for organisations to mitigate the potential risks and manage the ethical adoption of AI.
Organisations Cannot Prosper Without Trust: Five ways to boost trust with cyber security
Steve Durbin offers advice on how you can prevent the dilution of enterprise value and trust in the eyes of your stakeholders.
Five Trends Making Cyber Security Threats Riskier and More Expensive
As risks increase with the world becoming more digital, regulated, and interconnected, Steve Durbin offers steps to reduce their impact.
Cyber Insurance: An effective use of your scant security budget?
Paul Watts questions whether cyber insurance is a must-have item, an expensive luxury, or the emperor’s new clothes.
Three Cyber Threats Resulting from Today's Technology Choices to Hit Businesses by 2024
Steve Durbin features in Dark Reading to discuss three major cyber threats that could result from today's hasty technology decisions.
Security Think Tank: Balanced approach can detangle supply chain complexity
Francesca Williamson shares insight on how you can detangle the complexities of the supply chain and create better security practices.
Three Threats Dirty Data Poses to the Enterprise
Steve Durbin discusses three dirty data cyber security concerns, and how organisations can protect themselves against these emerging threats.
Ignoring Cyber Security Can Sour M&A Deals
Steve Durbin featured in Forbes to highlight key cyber security dimensions to consider when entering the merger and acquisition process.
Six Steps to Validate Cyber Incident Response Plans in Times of Conflict
Steve Durbin features in the World Economic Forum, offering points to consider when evaluating cyber incident response capabilities.
Five Ways to Secure the Supply Chain in Times of Conflict
Steve explains the five steps organisations can take to help mitigate potential threats against the supply chain and be better armed.
Three Unintended Consequences of Well-Intentioned Cyber Regulations
Steve explains how you can prepare against unintended consequences of cyber regulations, no matter how well-intentioned they might be.
What's Zero Trust, and What's Driving Its Adoption?
Steve Durbin deconstructs Zero Trust, explaining how it works, what the common misconceptions are, and what to consider before implementation.
7 Steps to Combat Cybersecurity Threats in Times of Instability
Steve Durbin outlines steps organisations and security teams can use to understand and prepare for potential threats in times of instability.
How Cybersecurity Leaders Can Add Value to M&A Deals
Steve Durbin offers advice on the M&A process: how you can mitigate risk and highlight to leadership the value of information security.
World's Largest Cybersecurity Benchmarking Study Finds that Top Executives Believe their Organizations are Not Prepared for New Era of Risk
ThoughtLab's press release for their study, providing evidence-based insights into the most effective cybersecurity practices and investments.
Cyber Risks for the Emerging 5G Era
Steve Durbin expands upon the risks, not only to individuals and businesses, but also to nations as 5G technologies transform communications.
Five Proactive Steps CISOs Can Take During Times of Instability
Steve Durbin outlines how CISOs can shift from being reactive to proactive, improving the overall resilience of their organisation.
5 Levers Lawmakers Can Use to Tackle Cybercrime
Steve Durbin breaks down each element of the cybersecurity framework presented in the recently released report led by the ISF with CC-Driver.
The Importance of Effective Cyber Risk Management
Dan Norman looks at what needs to be considered when evaluating the risks involved in an organisation’s security strategy.
Revised Scope of UK Security Strategy Reflects Digitised Society
The omission of the word ‘security’ from the title of the UK government’s new National Cyber Strategy is a telling one.
Four Major Cyber Risks in an Era of Tech Dominance
Read as Steve explores the technological risks that may lead to crises in the next decade in his latest article for Forbes.
Security Think Tank: Good training is all about context
Emma Bickerstaffe explores what makes a good security training programme and questions buyers should ask when procuring training as a service.
Positively Influencing Security Behaviour
Daniel Norman, ISF Senior Solutions Analyst, takes a closer look at 'Human-Centred Security' and how to achieve it.
How to Secure a Smart City
Dan Norman discusses the security challenges ahead with the continued shift to smart cities becoming an attractive target for cyber attackers.
Confronting Pervasive Cyber Threats for 2022 and Beyond
Discussing key pervasive cyber threats for 2022, Steve Durbin's recent Forbes article presents a strong foundation for security teams.
The Six Best Practices to Prevent Ransomware Infection
Read Steve Durbin's latest article addressing the most common ransomware attack techniques whilst offering guidance on their prevention.
10 Cognitive Biases that can Derail Cybersecurity Programs
Read Steve Durbin's latest article highlighting the impact of the unconscious mind upon cybersecurity vulnerabilities.
Is the IT Sector Beset by Fear-Mongering?
Paul Watts features in this Computer Weekly article aimed at helping security professionals lead with knowledge, rather than react with fear.
Security Think Tank: Reframing CISO-boardroom relations
Read Emma Bickerstaffe's latest article for Computer Weekly as she offers CISOs food for thought following the pandemic.
"log4j 2" - a perfect way to ruin a security professional's weekend
By now Members will be very familiar with the concern around the 'log4j 2' remote code execution vulnerability, also known as 'Log4Shell', in Apache's Java-based logging library. This vulnerability is filed as CVE-2021-44228 in the NIST National Vulnerability Database.
Zero Trust: Five Misconceptions Every Business Should Avoid
Cybercrime is a major threat to every industry and organization in the world. No wonder global entities are desperately seeking a silver bullet that can somehow neutralize cybersecurity threats.
Dissecting the true value of SASE is a challenge
As a relatively nascent technology that is getting a lot of publicity, dissecting the true…
Maritime Cyber Security: A Global Challenge Tackled through Distinct Regional Approaches
Maritime cyber security is an emerging issue that requires immediate attention, according to the International Maritime Organization (IMO). Feedback received from global shipping professionals indicates that a common threat to the industry, such as cyber security, is dealt with differently among industry practitioners around the globe.
Why Does Ransomware Still Work?
Paul Watts, distinguished analyst, contributes to Computer Weekly on how ransomware has managed to retain its high profile in cybercrime.
Zero Trust: An Answer to the Ransomware Menace?
By Steve Durbin, Chief Executive of the ISF. Zero trust isn't a silver bullet, but…
Federal Cybersecurity Directive Spotlights Aging Computer Systems
Chronis Kapalidis, Principal at the ISF, featured in WSJ. Many of the cybersecurity gaps outlined…
Is cyber insurance a worthwhile investment?
Here are five questions to help determine if your company needs cyber coverage. The cyber…
Understanding And Responding To Ransomware Threats
To pay or not to pay? Notwithstanding the ethical and emerging federal legal liability issues…
Demystifying zero trust and how it helps with ransomware
Zero trust is a strategy organisations will need to look at implementing in the same…
Prepare, respond, resume
Dan Norman, senior solutions analyst at the Information Security Forum, guides us through the key…
Embracing vulnerability management for the greater good
It is important to recognise that although setting out a policy and process for RD…
The next wave of cyberattacks will have 5G to thank
Given the high stakes, security should be at the forefront of 5G rollout plans. At…
Giant Group cyber attack prompts renewed calls for statutory regulation of umbrella companies
The speed of the outage and the protracted nature of the recovery bears all of…
Artificial Intelligence: The Future Of Cybersecurity?
The number of devices and associated challenges are far too many. IIoT devices possess limited…
A response to planned data protection changes
As the UK chases a Brexit dividend to open up non-EU markets to UK businesses…
An Effective Supply Chain Starts With Security
For more advanced, sophisticated supply chains, it’s about continually going back over it to increase…
How criminals use artificial intelligence to fuel cyber-attacks
AI systems and can be entrenched by programmers or specific data sets. Unfortunately, if this…
What CISOs need to know about Wi-Fi 6E
Until now, there were limitations on some of the heavier network related devices like virtual…
What are the risks associated with personal, unsanctioned apps on corporate devices and why?
From a security perspective, what are the personal apps/app types that you think CISOs should…
Commercial Shipping Is the Next Cybersecurity Challenge
there is a misbelief that ships are not vulnerable to cyber incidents, leading to an…
Are 5G Networks Setting The Stage For A New Wave Of Cyberattacks?
...the sheer volume and velocity of 5G networks, combined with the complex infrastructure and heavy…
The transport threat
Ransomware will proliferate over the coming years, with attackers locking individuals into, or out of,…
Adapting InfoSec for Container Security
Containerization has effectively become the new normal for expediting app delivery and improvements; security concerns…
NCSC head champions UK-Israeli cyber relationship amid spyware accusations
Organisations often have the best of intentions when creating some of these types of software,…
A return to the office is not a return to normal
Perhaps the biggest change that CISOs need to accept is that hybrid working is how…
The Trouble With Automated Cybersecurity Defenses
Speed and accuracy in identifying and responding to threats are the alluring promises of automated…
Questions To Ask To Help You Prepare For A Cyberattack
Develop a holistic backup strategy that covers all systems and core infrastructure services. Steve Durbin,…
Top 5 cybersecurity challenges in the hybrid office
The pandemic has caused a tectonic shift in how we live and work. Many companies…
How a Security Architecture Can Keep Your Organization Upright Amid Future Upheaval
By Steve Durbin, Chief Executive of the ISF. As organizations claw their way back from…
Time to accept printers will leak data
Though rarely discussed in a cyber context, the prevalence of connected printers and MFPs poses…
Designing and Building a Security Architecture
Ultimately, a well-designed security architecture will enhance understanding, simplify decision-making, improve efficiency and contain costs.…
Watch this space
Satellites support so much of our business infrastructure, but being in space doesn't make them…
Ransomware Is Everywhere — Here’s What You Need To Consider
Steve Durbin is Chief Executive of Information Security Forum. He is a frequent speaker on the…
What the FLoC? Everything you need to know about Google’s new ad tech that aims to replace third-party cookies
First party cookies are really useful. For instance, they mean you don’t have to log…
The case for vaccine passports: the real world versus the digital world
Distinguished Analyst Andy Jones and Senior Analyst Alex Jordan, both of the ISF, take opposing…
Threat Horizon 2023: Four Evolving Threats That Should Be On Your Radar
The mass migration of people out of the workplace and into the home prompted a sharp rise in cybersecurity incidents.
The Challenge Of Continuous Assurance For Supply Chains
Building resilience and agility into a supply chain to cope with fluctuations in demand and meet business goals is a major challenge.
6 Tips for Managing Operational Risk in a Downturn
By Steve Durbin, Chief Executive of the ISF. Coping with heightened operational risk during a…
How Cyber Security Criminals Exploit the 'Accidental Insider'
In the first of his regular new information security columns for Security Middle East, Daniel…
Eurasia Risks 2021 - Global Cyber Crisis
The first nation state to develop technologies such as AI, 5G, robotics and quantum computing…
Eurasia Risks 2021 - Digital Totalitarianism
Highly connected ecosystems of digital devices will enable the harvest, repurpose and sale of sensitive…
The new reality of a world online
Interview with Steve Durbin, Chief Executive of the ISF and The European. The combination of…
How To Develop A Human-Centered Security Program
While many organizations have a security awareness training program in place, few trigger real behavior change or...
How Retailers Can Tackle Supply Chain Data Risk
By Steve Durbin, Chief Executive of the ISF. Make security a core consideration in procurement…
Technology Is Just A Tool: Why People Are The Heart Of Everything We Do In Business
The idea that technology can solve all our problems is seductive. It seems like every product vendor claims to...
Security Think Tank: Towards a united state of security
By Jordon Kelly, Research Analyst at the ISF. Of his new national security appointments, president…
Three Steps to Securing Supply Chains Under Pressure
By Steve Durbin, Chief Executive of the ISF. You need to establish continuous monitoring across…
Eight Cyber Challenges In An Uncertain World
With the pandemic precipitating a health crisis that continues to threaten the global economy and the real possibility of a...
Six Ways A Good Leader Can Become A Great Leader
Many people can become good leaders. After all, you can learn how to communicate and how to be a better listener; you can...
Cybercrime to Scale New Heights in 2021: What Can You do About it?
By Steve Durbin, Chief Executive of the ISF. With the pandemic precipitating a rapid acceleration…
Words of advice for President Biden’s new CISO
By Steve Durbin, Chief Executive of the ISF. Cybersecurity should sit at the core of…
Look for GDPR fines to increase, extend beyond breaches
organizations should in particular note the extent of fines levied by regulators for infringements that…
Five Threat Vectors Destined To Make Waves In 2021
By Steve Durbin, CEO of the Information Security Forum, and Forbes Business Council Member. Building…
New Year’s Resolutions for the Board in 2021
By Steve Durbin, CEO of the ISF. Maturing your organization’s ability to detect intrusions quickly…
AI’s Two Achilles’ Heels Keep Me Up at Night
All the social techniques cybercriminals currently employ could be improved immeasurably with the help of…
Cybersecurity Must Be the Top Priority for the Board in 2021
By Steve Durbin, CEO of the ISF. Leading the enterprise to a position of readiness,…
10 Benefits of Running Cybersecurity Exercises
By Steve Durbin, Managing Director of the ISF. There may be no better way to…
2020 Work-for-Home Shift: What We Learned
One area that organizations need to deal with is the rise of the insider threat,…
Privacy 2020: From Prepared to Alarmed, the Year the Rubber Hit the Road
With 2020 coming to a close, SC Media is delivering through a series of articles…
Cybersecurity in 2021: 5 Trends Security Pros Need to Know
The insider threat is one of the greatest drivers of security risks that organizations face…
ISF Proposal for “Human-Centered Security” Focuses Security Awareness on People’s Interactions With Technology
How can security keep pace with a cyber threat landscape that rapidly becomes more sophisticated…
Practical tips and advice for personal IoT security
By Daniel Norman, Senior Solutions Analyst at the ISF. A large portion of IoT-related breaches…
Top Global Security Threats Organizations Will Face in 2021
Attackers will continue to be presented with the tools and opportunities to target and exploit…
Ransomware attacks target backup systems, compromising the company ‘insurance policy’
The success of ransomware is reliant on whether or not the target organization has patched…
Eight Steps To Building A Human-Centered Security Culture
By Steve Durbin, Managing Director, Information Security Forum, and Forbes Business Council Member. Ransomware, phishing,…
Conti Gang Hits IoT Chipmaker Advantech with $14M Ransom Demand
Payment of a ransom is also a contentious discussion – in many cases the ransom…
New Information Security Forum Research Explores Human-Centered Security
Technology and processes should complement behavior, not add friction and impede productivity... Steve Durbin, Managing…
Websites Requiring Security Software Downloads Opened Door to Supply Chain Attack
I, for one, am wary if a website asks me, unprompted, to download anything. It…
CISA Warns Public About Online Holiday Shopping Scams
Also, beware of email “offers” from companies you don’t recognize and even those that you…
Changing Employee Security Behavior Takes More Than Simple Awareness
A human-centered security program helps organizations to understand their people and carefully craft initiatives that…
Why Security Awareness Training Should Be Backed by Security by Design
As a starting point, an individual will always choose to be productive in their current…
Information Security Forum Research Dives Into the Need for Human-Centered Security
A typical strategy should aim to reduce the number of security incidents and improve the…
Human-Centred Approach is Key to Better Security
Errors and acts of negligence can cause significant financial and reputational damage to an organization,…
Organizations Should Use Psychology to Promote Secure Behavior Among Staff
Errors and acts of negligence can cause significant financial and reputational damage to an organization...…
Qbot Banking Trojan Now Deploying Egregor Ransomware
Organizations should have an incident response or crisis management plan for ransomware events, knowing who…
Cybersecurity Workforce Study Needs to be Taken with a Pinch of Salt
Apprenticeships, on the job learning, backed up with support training packages are the way to…
Remote Work in 2021: Cybersecurity Grows in Importance
The global COVID-19 pandemic has forced digital change on organizations at high speed and certainly…
Apple to Deliver ‘Privacy Labels’ for Apps, Revealing Data-Sharing Details
Just as consumers now automatically accept cookies and agree to privacy policies, they may also…
CISA: Ransomware Activity Targeting the Healthcare and Public Health Sector
Privacy should also be a high priority for anyone handling sensitive information, considering the shift…
Imminent Cyberthreat Could Disrupt Hundreds of US Healthcare Systems
Basic cyber hygiene standards need to be met, covering patching and updates, network segmentation, network…
Skills Shortage Rains on Cloud Advances
Cross training within an organization is a good method of closing the skills gap by…
FBI: Hospitals and Healthcare Providers Face Imminent Ransomware Threat
The healthcare services have an outdated approach to security awareness, education, and training... Daniel Norman,…
What Skills Will Cybersecurity Leaders Want in 2021?
All infosec teams have been under huge pressure lately and good CISOs acknowledge that and…
Three Common Digital Transformation Challenges — And How To Overcome Them
By Steve Durbin, Managing Director of the ISF and Forbes Business Council Member. Once expectations are…
Why ransomware has become such a huge problem for businesses
Anyone with access to the Dark Web can buy readily available ransomware kits for less than $100.…
Norway Alleges Russia Orchestrated Parliament Email Hack
The attacking state will build user profiles, understand patterns of behavior and then they will…
Why Organizations Should Be Wary of the Security Risks Posed by Augmented Reality
By Steve Durbin, Managing Director of the ISF. AR promises much, but organizations will soon…
ISF Supports Cyber and Compliance Challenges with Launch of Aligned Tools Suite 2020
We live in an uncertain world where budgets and resources are tight, yet the need…
#NCSAM: How Can Consumers Boost the Security of IoT Devices?
...individuals should proactively try and seek out vulnerability forums online and regularly assess whether exploits…
Cybersecurity, Cloud Skills: Key to Companies’ Digital Transformation
Increasingly, lockdown has driven us all online and the training industry has been somewhat slow…
How the Enterprise Can Shut Down Cyber Criminals and Protect a Remote Staff
Non-security incidents can have a substantial knock-on effect within the information security spectrum Steve Durbin,…
Six core characteristics that next-generation CISO’s exhibit
Being a next-generation CISO is an extremely rewarding position that allows an individual to become…
UHS Hospitals hit by Ryuk ransomware, forced to shut down systems
Attackers will once again turn their attention to disrupting the health service by targeting poorly…
How Criminals Use Artificial Intelligence To Fuel Cyber Attacks
By Steve Durbin, Managing Director of the Information Security Forum, and Forbes Business Council Member…
Research: Cloud Skills and Solutions Are in Short Supply
Shortages in skills and capabilities are being revealed as major security incidents damage organizational performance…
Suspected Ransomware Takes Out Major US Healthcare Provider
Privacy should also be a high priority for anyone handling sensitive information, considering the shift…
Ring’s Flying In-Home Camera Drone Escalates Privacy Worries
Smart home devices, such as Ring, collect an inordinate amount of sensitive personal data in…
Insider vs. Outsider Data Security Threats: What’s the Greater Risk?
As data breaches increase, many will be the result of Insider threats. In fact, the…
Georgia Election Data Hit in Ransomware Attack
Typically, the success of ransomware is reliant on whether or not the target organization has…
Cuts to Digital Security Spending Right Now Would Be a Big Mistake
By Steve Durbin, Managing Director, Information Security Forum. As we head into Cybersecurity Awareness Month…
What does it take to be a next generation CISO?
Becoming a next-generation CISO requires an individual to embrace and master new skills and disciplines,…
Threats from the digital world lead to greater cyber security concerns
Organizations will have to adapt quickly to survive when digital and physical worlds collide. By…
5G Brings Benefits, But Also Heralds Fresh Security Threats
By Steve Durbin, Managing Director, ISF and Forbes Business Council Member. The continuing rollout of…
Cybersecurity Skills Gap Worsens, Fueled by Lack of Career Development
“Increasingly, lockdown has driven us all online and the training industry has been somewhat slow…
Why Data Ethics Is a Growing CISO Priority
With data collection growing, and increased concern about how it is handled, a synergy between…
The Future's Biggest Cybercrime Threat May Already Be Here
By Steve Durbin, Managing Director, ISF. Current attacks will continue to be refined, and what…
How To Prepare Your Business As Worldwide Recession Looms
By Steve Durbin, Managing Director, ISF and Forbes Business Council Member. The business world is…
The Internet Of Forgotten Things Will Leave A Dangerous Legacy
By Steve Durbin, Managing Director, ISF. The Internet of Things (IoT) infrastructure will soon become…
Quantifying Cyber Risk: Why You Must & Where to Start
"The challenge for security is to be able to translate security metrics into a form…
Security Think Tank: Balancing human oversight with AI autonomy
Artificial intelligence and machine learning techniques are said to hold great promise in security, enabling…
On the Cybersecurity Horizon: Digital and Physical Worlds Set to Collide
By Steve Durbin, Managing Director, ISF. The digital and physical worlds are on an irreversible…
EU court kills Privacy Shield, wreaks havoc on digital economy
Schrems II “Was always going to be a major test for the Privacy Shield,” Steve…
Deepfakes will tell true lies
By Steve Durbin, Managing Director, ISF. In the coming years, advanced deepfakes of high-profile individuals…
Cybersecurity Threats to the Food Supply Chain
When Smithfield Foods closed its Sioux Falls pork processing plant – joining other meat and…
Remote work: 6 common misunderstandings about online security threats
VPN, cloud, and phishing misunderstandings show up in myths about security and remote work. Security…
Information Security Forum Releases Updated Guide to Security Best Practices
The Information Security Forum (ISF) has published a major update to its Standard of Good Practice (The…
Vishing and Cybercriminals during COVID-19
The COVID-19 pandemic has resulted in an upshot of all types of scams. In the…
Understanding the CFO’s Cybersecurity Role in the Age of COVID-19
Senior executives understand that today’s global economy is still not adequately protected against cyberattacks, despite…
Google, Apple tighten protections on contact tracing; Americans worry over privacy
As the likes of Google and Apple bolster privacy in the race to come up…
The Impact of Coronavirus on the Threat Landscape
How has the coronavirus impacted the outlook on security over the next few years? The…
Connecticut town drops drone program to combat COVID-19 spread over privacy concerns
“Like other Internet of Things (IoT) devices, drones currently have very poor security controls, making…
Neglected Infrastructure, Invasive Tech to Plague Infosec in 2022
Researchers outline cybersecurity threats they predict businesses will face in two years as technology evolves.…
Risk Management, Insider Threats and Security Leaders in the Age of COVID-19
An insider threat is a security risk that originates from within an organization. According to…
The Privacy-Security Balance in Digital Surveillance: Lessons from COVID-19
A major feature of the current COVID-19 crisis has been the sudden growth of state…
Information Security Forum: Nine Cybersecurity Threats Organizations can Expect Through 2022
The Information Security Forum (ISF) has released Threat Horizon 2022, the latest in a series of…
IoT security, neglected infrastructure, and a crisis of trust deemed major threats for 2022
The Information Security Forum predicts the coming threats with a very good track record so…
When All Behavior Is Abnormal, How Do We Detect Anomalies?
Identifying normal behavior baselines is essential to behavior-based authentication. However, with COVID-19 upending all aspects…
If Remote Working is the New Norm, How Do We Do it Securely?
“My biggest concern is when remote workers enter phase three since it is unlikely that…
FBI: COVID-19-Themed Business Email Compromise Scams Surge
"Criminals have become more sophisticated by considering the psychological aspects of an attack," says Mark…
Nearly 10 Million People Filed for Unemployment in the US: What Does It Mean for the Cybersecurity and IT Workforce?
The number of new people claiming unemployment benefits totaled a staggering 6.648 million last week…
Covid-19 Poll Results: One in Four Prioritize Health Over Privacy
“Ultimately we are being asked to trust our governments in their ability to handle personal…
The Long-Term Impact of #COVID19 on the Cybersecurity Industry
“Remote working and remote business interactions will identify new opportunities, new ways of working that…
The Short-Term Impact of #COVID19 on the Cybersecurity Industry
As we work remotely and isolate ourselves from friends and colleagues as best we can,…
As coronavirus spreads, cybersecurity staff contend with increasing attacks, remote workers
As the COVID-19 pandemic continues to spread, cybersecurity professionals have never been busier. Despite some reports of cybercriminals…
15 Coronavirus Online Scams to Watch Out For
“Our appetite for information is vast and cybercriminals know this so there may be attachments…
Covid-19 Spurs Facial Recognition Tracking, Privacy Fears
The coronavirus pandemic is creating a lucrative market for facial recognition manufacturers. But privacy issues…
Security Think Tank: To tackle Covid-19, be prepared, flexible and resilient
In our globalised world, high-profile events such as Covid-19 have huge business impacts, some of…
European Electricity Association Confirms Hackers Breached its Office Network
ENTSO-E, the European Network of Transmission System Operators, has announced that it found evidence of…
Keys to Hiring Cybersecurity Pros When Certification Can't Help
There just aren't enough certified cybersecurity pros to go around -- and there likely never…
Use the human-centered approach for smarter security and compliance teams
By Steve Durbin, Managing Director of the Information Security Forum. As the cyberthreat landscape becomes…
Insider Threats: How Co-Workers Became a Bigger Security Headache
One of the biggest security threats to your team might be the person working right…
Conquering the Cyber Security Challenges of The Cloud
By Steve Durbin, Managing Director, Information Security Forum. Cloud computing has become a prevalent force, bringing…
US Sen. Gillibrand Announces Legislation to Create a Data Protection Agency
"As pressure from regulatory compliance increases, businesses must take an increasingly integrated and well-rounded approach…
Overcoming the Cyber Security Challenges of the Cloud
The rise in business processes supported by cloud services has been well evidenced by organizations…
Ringing in a new National Privacy Law?
Privacy advocates have long called for a federal privacy law and it’s coming…in the meantime,…
Security Think Tank: Bug bounties are changing the image of hackers
The traditional picture of a hacker is of a script kiddie in a hoodie hunched…
Data Privacy Day 2020 Encourages Consumers to “Own Their Privacy”
The theme of Data Privacy Day 2020 is “Own Your Privacy.” Data Privacy Day began…
Lawmakers Introduce Bill to Reform NSA Surveillance
"This debate has been ongoing for some time now and there is clearly a need…
Security Think-Tank: Tackle insider threats to achieve data-centric security
The belief that effective perimeter security is the best way to protect data is a…
World Economic Forum Global Risks Report Highlights Dangers of Digital innovation
"In a hyperconnected world, attack surfaces and interdependencies will grow astonishingly quickly," warns Steve Durbin,…
Eurasia Risks 2020: Exacerbation of the Battle for Technological Dominance
"Technological advances are not restricted to America and China. They are a global phenomenon both…
Five Reasons Why Supply Chain Security Must be on Your Agenda
How do you know that the critical parts inside your servers and devices are not…
Cybersecurity 2020: Welcome to the Digital Cold War
The race to develop strategically important next-generation technology will drive an increase in nation-state-backed attacks.…
The Top Three Global Cyber Security Threats for 2020
In the year ahead, organisations of all sizes must prepare for the unknown, so they…
Deciphering Artificial Intelligence in the Future of Information Security
Artificial Intelligence (AI) is creating a new frontline in information security. Systems that independently learn, reason and…
Maximise your defence with people power
Humans are often referred to as the “weakest link” in information security. However, organisations have…
Cybersecurity New Year’s Resolutions from the Information Security Forum
It’s that time of year again. Time for every one of us to reminisce on…
New ISF Paper Attempts to Demystify AI in Information Security
In a paper released today, the Information Security Forum is urging organizations to capitalize on the opportunities…