In the news
Technology Governance Needs a Rethink on Prioritising Resilience Against Digital Threats
Research shows that only 3% of businesses have developed true resilience against cyber threats. ISF CEO Steve Durbin shares primary reasons for this disparity.
EXPERT OPINION: Stop Talking About Security Awareness - Let's encourage secure behaviour and culture instead
ISF Expert Richard Absalom explores why organisations need to move beyond awareness; sharing guidance on how to focus on security culture instead.
Building A More Behavior-focused Security Awareness Program
Steve Durbin shares seven recommendations on how organisations should approach their awareness and security culture programs.
Five Strategies For Boards To Enhance Governance And Resilience In The Face Of Evolving Cyber Risks
ISF CEO Steve Durbin shares five strategies on how board members can better manage and govern cyber security.
Who are BISOs and what do they bring to the cybersecurity table?
Steve Durbin, ISF Chief Executive shares his thoughts on why organisations need a BISO and what traits are ideally suited for the role.
The Impact of Technology Failures on Business Resilience
Steve Durbin, ISF CEO shares 5 important factors to consider when trying to mitigate and counterbalance business impact of technology failures
Strategies for Security Leaders: Building a positive cybersecurity culture
ISF CEO Steve Durbin shares his best practices on how security leaders can develop a positive brand and culture for cyber security.
Striking a Balance Between Business Growth, Risk Management, and Cybersecurity
Featured in Security Boulevard, ISF CEO, Steve Durbin shares recommendations on how to balance business growth with risk management.
The 6 Elements Defining a Valid Cybersecurity Strategy
Featured in Forbes, ISF CEO Steve Durbin explains how you can maximise value from existing cybersecurity investments to inform strategy.
EXPERT OPINION: Resilient by design is the way forward
ISF Head of Research, Paul Holland outlines the essential steps to ensure your organisation is well-positioned for cyber resilience.
From Cartels to Crypto: Trends Show Disruptive Cybercrime Evolving Rapidly
ISF CEO Steve Durbin explains why rise of cybercrime-as-a-service amongst other trends, are lowering entry barriers for criminals.
EXPERT OPINION: It'll never happen to us
ISF Head of Tools & Methodologies, Alex Jordan shares his expert opinion on managing extinction level risks associated with suppliers.
EXPERT OPINION: Social Engineering Attacks: Understanding OSINT to mitigate risk
Over the last decade, OSINT (open-source intelligence) became a buzzword across many industries and lines…
5 recommendations for acing the SEC cyber security rule
SEC risk management and disclosure rules can be fraught with difficulties. Steve Durbin, chief executive of the ISF, offers advice for coping.
EXPERT OPINION: If we fail to prepare, we prepare to fail
ISF Head of Research, Paul Holland shares his expert opinion on incident preparedness and overcoming extinction level attacks.
EXPERT OPINION: The bigger they are, the harder we will all fall
"It’ll never happen to us." Most security and risk practitioners have faced this argument at…
Readying Your Company For The New SEC Cyber Incident Disclosure And Risk Management Rules
Featured in Forbes, ISF CEO Steve Durbin breaks down the SEC material incident disclosure and enhanced governance requirements.
Generative AI vs. Predictive AI: A Cybersecurity Perspective
Featured in Security Boulevard, ISF CEO Steve Durbin underscores how organisations can find value in predictive and GenAI implementation.
ISF: Your first line of defence
Interviewed by The European, ISF CEO, Steve Durbin shares the ISF perspective on implementing an effective cyber strategy
The Core Elements of a Cybersecurity Posture
ISF CEO Steve Durbin shares seven core elements that can lay the groundwork for a healthy cybersecurity posture.
Key Takeaways from the British Library Cyberattack
Featured in Dark Reading, ISF CEO, Steve Durbin shares key takeaways from the event, with guidance on practicing good information governance.
The New Security Leader: Less Techy, More Business-Savvy
ISF Distinguished Analyst, Paul Watts features in InfoRisk Today to share his perspectives on balancing cyber risk and business goals.
Urgently needed: AI governance in cyber warfare
Featured in Help Net Security magazine, ISF CEO Steve Durbin outlines the importance aligning AI's ethics with society’s fundamental values.
Weaponized Disinformation Threatens Democratic Values
Steve Durbin, ISF CEO, shares insights into the looming AI-security threats from his interview with Brian Lord, CEO of Protection Group International.
#Infosec2024: Cyber Resilience Means Being Willing to Learn From a Crisis
Featured in Infosecurity Magazine, Distinguished ISF Analyst Paul Watts, shares his views on resilience and effective cyber crisis management.
5 key elements of cyber simulation exercises to boost cyber resilience
Steve Durbin, ISF CEO, shares five key elements required to design cyber simulation exercises aimed at enhancing cyber resilience.
The Risks And Rewards Of AI: Strategies For Mitigation And Containment
ISF CEO Steve Durbin explores the major risks AI poses for today and for the future, and how we can address and mitigate these threats.
Five ways security leaders can demonstrate the business value of cybersecurity
Steve Durbin, ISF CEO, shares five best practices on how security leaders can justify the business value of cybersecurity and improve alignment with business goals
Business Risk Preparation: The Interlocked World Of Technology, Geopolitics, Regulations And Cybersecurity
ISF CEO Steve Durbin features in Forbes to share some of the top risks organisations need to be prepared for; impact of geopolitics on supply chains, environmental challenges of quantum computing and more.
How to design and deliver an effective cybersecurity exercise
ISF CEO STEVE Durbin featured in Helpnet Security to share his insights on how to design and develop an effective cyber simluation exercise.
Geopolitical Conflicts: 5 ways to cushion the blow
ISF CEO Steve Durbin featured in Dark Reading to provide guidance on 5 key areas security leaders must navigate to cushion the blow of geopolitical conflicts.
Risky Business: 6 steps to assessing cyber risks for the enterprise
Steve Durbin featured in CSO online, sharing his six steps on how organisations can create risk assessment plans to anticipate future threats.
ISF Resources to Support the NIST Cybersecurity Framework 2.0
Discover what the latest updates to the NIST CSF mean for your organisation as Head of Tools at the ISF, Alex Jordan, provides his thoughts.
Six Steps to Help Leaders Achieve A Good Standard Of Cybersecurity
ISF Chief Executive Steve Durbin, features in Forbes to outline six essential steps for security leaders to enhance their cyber readiness.
Why data, AI, and regulations top the threat list for 2024
ISF Chief Executive Steve Durbin, features in Helpnet Security to address three cyber security hurdles in 2024 - Data, AI and Regulation.
What does the SEC indictment of SolarWinds mean for security leadership?
Paul Watts, Distinguished Analyst at the ISF explores what the SEC indictment of SolarWinds means for security leadership
EU Tightens Cyber Security Requirements for Critical Infrastructure and Services
Organizations in "essential" sectors have until October 2024 to comply with the Network and Information…
Five Ways Security Teams Can Strengthen Business Relationships
Recent global events such as the pandemic have allowed security leaders to showcase the potential…
Navigating Security, Business Continuity, Through a Downturn
With inflationary pressures mounting and downturn fears hovering, it’s natural for organizations to scale back on their overall…
Five Ways Enterprises Can Boost Incident Preparedness
Security is not a primary area of expertise for most organizations so preparedness may fall…
The Hidden Risks of Industrial Control System manufacturers: Why ICS Environments are Vulnerable
Industrial control systems (ICS) such as programmable logic controllers, distributed controls systems, SCADA systems, and operational…
Four Data Security Challenges Set to Impact Organisations in the Coming Years
Data is the most durable, limitless commodity driving future economies and offering fresh insights for…
10 principles to ensure strong cybersecurity in agile development
The agile project management philosophy values speed, collaboration, communication, and interaction. Here are some best…
The Future Of Work Is Remote: How Organizations Can Prepare For Security Challenges
The fourth industrial revolution is here, and new technologies have the potential to change how…
Building the cyber security workforce of today
Cyber security staffing shortages are being driven by issues such as burnout, a lack of…
Eight Steps in Managing Cyber Risk Through A Downturn
I predict that for cybersecurity leaders, 2023 will not be an easy year. On the…
Hack on Japanese Port Shows How Compromised Operational Technology Can Have a Widespread Impact
Paul Holland shares his thoughts on protecting and securing the integrity and confidentiality of information within OT environments.
How organizations can navigate geopolitical and cyber risks in an interconnected world
Globalization and hyperconnectivity has made the world more interconnected and interdependent than ever before. The…
Security Middle East Conference: Chairperson’s key takeaways
The inaugural Security Middle East Conference was a major success for the security community. Over…
Walking the Tightrope: Navigating the risks and rewards of AI
Steve Durbin contributes to InformationWeek to chart the course for the responsible use of artificial intelligence.
Infosecurity Europe: Cyber Security Industry Still Fighting to Recruit and Retain Talent
Cybersecurity teams are struggling to find the right talent, with the right skills, and to…
Why Organisations Should Adopt a Cloud Security Framework
Steve Durbin outlines how choosing the right cloud cyber security framework can strengthen resilience across your entire cloud supply chain.
COSMICENERGY: A new threat to OT
Paul Holland provides insight into a possible new threat to operational technology environments, specifically those in the energy sector.
Navigating Supplier Risk Challenges to Shore Up Cyber Defences
Steve Durbin delves into the key challenges organisations should address in building resilience against supply chain risks.
Four Risks and Challenges of AI Democratisation for Businesses
Steve Durbin discusses the potential risks and challenges organisations could face as they increasingly build, use or rely on AI technologies.
Saudi Vision 2030: Digital challenges and opportunities
Dan Norman, Regional Director, EMEA for the ISF, looks at the challenges and opportunities Saudi…
Top Risks and Best Practices for Securely Offboarding Employees
Outgoing employees pose significant security risks to organizations. Here are some of the major issues…
Invest in Developing a Human-Centred Security Program
Steve Durbin explores steps to developing a human-centred security program that engages your workforce to better protect your organisation.
Five Cybersecurity Trends for the Middle East in 2023
Dan Norman predicts cybersecurity trends that are set to accelerate for the Middle East in 2023.
Achieving The Five Levels Of Information Security Governance
Steve Durbin offers advice on what strategies can be taken to make information security better connected to organisational goals and strategy.
Six Principles for Building Engaged Security Governance
Steve Durbin features in TechTarget to offer insight into engaged governance and the six principles that organisations should implement.
Security and the Business: It's good to talk
Paul Watts explores the shifting nature of business, the role of the security leader, and the impact of not aligning to each other’s goals.
Measuring Cyber Security: The what, why and how
Steve Durbin explores the ways security teams can best measure, analyse and report cyber security threats and performance
Navigating the Politics of Measuring Security
Richard Absalom explores the soft skills needed to navigate boardroom politics, ensuring measurements support decisions and drive action.
Build Cyber Resiliency With These Security Threat-Mitigation Considerations
Steve Durbin offers insight into how organisations can get on the path to developing a coherent security strategy.
It Pays to Know How Your Cybersecurity Stacks Up
Paul Watts, Distinguished Analyst for the ISF featured in Tanium magazine to share his thoughts on how security professionals can demonstrate value by adopting a shift-left mentality – a proactive stance for security that allows companies to become more agile and able to innovate.
Four Cyber Risk Trends to Watch in 2023 and How Businesses Can Mitigate Them
With cyber security becoming riskier, costlier and more complicated, Steve Durbin explores four key challenges to look out for in 2023.
Six Steps to Better Counter Supply Chain Risks
As vendor risk emerges as a top security priority, Steve Durbin provides tips you can adopt today to better manage your supply chains.
Five Top Qualities You Need to Become a Next-Gen CISO
Steve offers actionable guidelines to building and maintaining the skills and relationships that can take security leaders to the next level.
Threat Intelligence: Establishing a stream of trustworthy data
Dan Norman explores how you can create a steady stream of meaningful data that is actually relevant to your organisation.
Security Think Tank: To stop ransomware, preparation is the best medicine
Paul Watts details what you should be focussing on when thinking about business resiliency in the context of ransomware.
How Cyber Threat Intelligence Provides Security and Value to Business
Steve Durbin offers his thoughts on how enterprises can make the most out of threat intelligence for smarter security.
Best Practices to Help Strengthen Your Company's Security Culture
Human behaviour is one of the biggest challenges faced by security practitioners, leaders and cyber risk managers today.
Seven Practical Considerations for Effective Threat Intelligence
A background to the current state of threat intelligence, and practical guidance for security teams at all stages of its implementation.
Solve ICS Security Issues with ICS and IT Team Convergence
Threat actors are predicted to weaponise industrial control systems in order to harm or kill humans by 2025 - how should you prepare?
The Threat of Deepfakes and Their Security Implications
Steve Durbin discusses the cyber best practices and security controls you should be implementing now to mitigate the threat of deepfakes.
Securing Industrial Control Systems: The What, Why and How
Steve Durbin featured in Forbes to shed light on the best practices you should consider to better protect ICS environments.
How the Responsible Use of AI Can Create Safer Online Spaces
Steve Durbin offers recommendations for organisations to mitigate the potential risks and manage the ethical adoption of AI.
Organisations Cannot Prosper Without Trust: Five ways to boost trust with cyber security
Steve Durbin offers advice on how you can prevent the dilution of enterprise value and trust in the eyes of your stakeholders.
Five Trends Making Cyber Security Threats Riskier and More Expensive
As risks increase with the world becoming more digital, regulated, and interconnected, Steve Durbin offers steps to reduce their impact.
Cyber Insurance: An effective use of your scant security budget?
Paul Watts questions whether cyber insurance is a must-have item, an expensive luxury, or the emperor’s new clothes.
Three Cyber Threats Resulting from Today's Technology Choices to Hit Businesses by 2024
Steve Durbin features in Dark Reading to discuss three major cyber threats that could result from today's hasty technology decisions.
Security Think Tank:
Balanced approach can detangle supply chain complexity
Francesca Williamson shares insight on how you can detangle the complexities of the supply chain and create better security practices.
Three Threats Dirty Data Poses to the Enterprise
Steve Durbin discusses three dirty data cyber security concerns, and how organisations can protect themselves against these emerging threats.
Ignoring Cyber Security Can Sour M&A Deals
Steve Durbin featured in Forbes to highlight key cyber security dimensions to consider when entering the merger and acquisition process.
Six Steps to Validate Cyber Incident Response Plans in Times of Conflict
Steve Durbin features in the World Economic Forum, offering considerations to consider when evaluating cyber incident response capabilities.
Five Ways to Secure the Supply Chain in Times of Conflict
Steve explains the five steps organisations can take to help mitigate potential threats against the supply chain and be better armed.
Three Unintended Consequences of Well-Intentioned Cyber Regulations
Steve explains how you can prepare against unintended consequences of cyber regulations, no matter how well-intentioned they might be.
What's Zero Trust, and What's Driving Its Adoption?
Steve Durbin deconstructs Zero Trust; explaining how it works, what the common misconceptions are, and what to consider before implementation.
7 Steps to Combat Cybersecurity Threats in Times of Instability
Steve Durbin outlines steps organisations and security teams can use to understand and prepare for potential threats in times of instability.
How Cybersecurity Leaders Can Add Value to M&A Deals
Steve Durbin offers advice on the M&A process: how you can mitigate risk and highlight to leadership the value of information security.
World's Largest Cybersecurity Benchmarking Study Finds that Top Executives Believe their Organizations are Not Prepared for New Era of Risk
ThoughtLab's press release for their study, providing evidence-based insights into the most effective cybersecurity practices and investments.
Cyber Risks for the Emerging 5G Era
Steve Durbin expands upon the risks, not only to individuals and businesses, but also to nations as 5G technologies transform communications.
Five Proactive Steps CISOs Can Take During Times of Instability
Steve Durbin outlines how CISOs can shift from being reactive to proactive, improving the overall resilience of their organisation.
5 Levers Lawmakers Can Use to Tackle Cybercrime
Steve Durbin breaks down each element of the cybersecurity framework presented in the recently released report led by the ISF with CC-Driver.
The Importance of Effective Cyber Risk Management
Dan Norman looks at what needs to be considered when evaluating the risks involved in an organisation’s security strategy.
Revised Scope of UK Security Strategy Reflects Digitised Society
The omission of the word ‘security’ from the title of the UK government’s new National Cyber Strategy is a telling one.
Four Major Cyber Risks in an Era of Tech Dominance
Read as Steve explores the technological risks that may lead to crises in the next decade in his latest article for Forbes.
Security Think Tank: Good training is all about context
Emma Bickerstaffe explores what makes a good security training programme and questions buyers should ask when procuring training as a service.
Positively Influencing Security Behaviour
Daniel Norman, ISF Senior Solutions Analyst, takes a closer look at 'Human-Centred Security' and how to achieve it.
How to Secure a Smart City
Dan Norman discusses the security challenges ahead with the continued shift to smart cities becoming an attractive target for cyber attackers.
Confronting Pervasive Cyber Threats for 2022 and Beyond
Discussing key pervasive cyber threats for 2022, Steve Durbin's recent Forbes article presents a strong foundation for security teams.
The Six Best Practices to Prevent Ransomware Infection
Read Steve Durbin's latest article addressing the most common ransomware attack techniques whilst offering guidance on their prevention.
10 Cognitive Biases that can Derail Cybersecurity Programs
Read Steve Durbin's latest article highlighting the impact of the unconscious mind upon cybersecurity vulnerabilities.
Is the IT Sector Beset by Fear-Mongering?
Paul Watts features in this Computer Weekly article aimed at helping security professionals lead with knowledge, rather than react with fear.
Security Think Tank: Reframing CISO-boardroom relations
Read Emma Bickerstaffe's latest article for Computer Weekly as she offers CISO's food-for-thought following the pandemic.
"log4j 2" - a perfect way to ruin a security professional's weekend
By now Members will be very familiar with the concern around the 'log4j 2' remote code execution vulnerability; Apache's java-based logger library also known as 'Log4Shell'. This vulnerability is filed as CVE-2021-44228 in the NIST National Vulnerability Database.
Zero Trust: Five Misconceptions Every Business Should Avoid
Cybercrime is a major threat to every industry and organization in the world. No wonder global entities are desperately seeking a silver bullet that can somehow neutralize cybersecurity threats.
Dissecting the true value of SASE is a challenge
As a relatively nascent technology that is getting a lot of publicity, dissecting the true…
Maritime Cyber Security: A Global Challenge Tackled through Distinct Regional Approaches
Maritime cyber security is an emerging issue that requires immediate attention, according to the International Maritime Organization (IMO). Feedback received from global shipping professionals indicate that a common threat to the industry, such as cyber security, is dealt with differently among industry practitioners around the globe.
Why Does Ransomware Still Work?
Paul Watts, distinguished analyst, contributes to how ransomware has managed to retain its high profile in cybercrime for Computer Weekly.
Zero Trust: An Answer to the Ransomware Menace?
By Steve Durbin, Chief Executive of the ISF. Zero trust isn't a silver bullet, but…
Federal Cybersecurity Directive Spotlights Aging Computer Systems
Chronis Kapalidis, Principal at the ISF featured in WSJ. Many of the cybersecurity gaps outlined…
Is cyber insurance a worthwhile investment?
Here are five questions to help determine if your company needs cyber coverage. The cyber…
Understanding And Responding To Ransomware Threats
To pay or not to pay? Notwithstanding the ethical and emerging federal legal liability issues…
Demystifying zero trust and how it helps with ransomware
Zero trust is a strategy organisations will need to look at implementing in the same…
Prepare, respond, resume
Dan Norman, senior solutions analyst at the Information Security Forum, guides us through the key…
Embracing vulnerability management for the greater good
It is important to recognise that although setting out a policy and process for RD…
The next wave of cyberattacks will have 5G to thank
Given the high stakes, security should be at the forefront of 5G rollout plans At…
Giant Group cyber attack prompts renewed calls for statutory regulation of umbrella companies
The speed of the outage and the protracted nature of the recovery bears all of…
Artificial Intelligence: The Future Of Cybersecurity?
The number of devices and associated challenges are far too many. IIoT devices possess limited…
A response to planned data protection changes
As the UK chases a Brexit dividend to open up non-EU markets to UK businesses…
An Effective Supply Chain Starts With Security
For more advanced, sophisticated supply chains, it’s about continually going back over it to increase…
How criminals use artificial intelligence to fuel cyber-attacks
AI systems and can be entrenched by programmers or specific data sets. Unfortunately, if this…
What CISOs need to know about Wi-Fi 6E
Until now, there were limitations on some of the heavier network related devices like virtual…
What are the risks associated with personal, unsanctioned apps on corporate devices and why?
From a security perspective, what are the personal apps/app types that you think CISOs should…
Commercial Shipping Is the Next Cybersecurity Challenge
there is a misbelief that ships are not vulnerable to cyber incidents, leading to an…
Are 5G Networks Setting The Stage For A New Wave Of Cyberattacks?
...the sheer volume and velocity of 5G networks, combined with the complex infrastructure and heavy…
The transport threat
Ransomware will proliferate over the coming years, with attackers locking individuals into, or out of,…
Adapting InfoSec for Container Security
Containerization has effectively become the new normal for expediting app delivery and improvements; security concerns…
NCSC head champions UK-Israeli cyber relationship amid spyware accusations
Organisations often have the best of intentions when creating some of these types of software,…
A return to the office is not a return to normal
Perhaps the biggest change that CISOs need to accept is that hybrid working is how…
The Trouble With Automated Cybersecurity Defenses
Speed and accuracy in identifying and responding to threats are the alluring promises of automated…
Questions To Ask To Help You Prepare For A Cyberattack
Develop a holistic backup strategy that covers all systems and core infrastructure services. Steve Durbin,…
Top 5 cybersecurity challenges in the hybrid office
The pandemic has caused a tectonic shift in how we live and work. Many companies…
How a Security Architecture Can Keep Your Organization Upright Amid Future Upheaval
By Steve Durbin, Chief Executive of the ISF As organizations claw their way back from…
Time to accept printers will leak data
Though rarely discussed in a cyber context, the prevalence of connected printers and MFPs poses…
Designing and Building a Security Architecture
Ultimately, a well-designed security architecture will enhance understanding, simplify decision-making, improve efficiency and contain costs.…
Watch this space
Satellites support so much of our business infrastructure, but being in space doesn't make them…
Ransomware Is Everywhere — Here’s What You Need To Consider
Steve Durbin is Chief Executive of Information Security Forum. He is a frequent speaker on the…
What the FLoC? Everything you need to know about Google’s new ad tech that aims to replace third-party cookies
First party cookies are really useful. For instance, they mean you don’t have to log…
The case for vaccine passports: the real world versus the digital world
Distinguished Analyst Andy Jones and Senior Analyst Alex Jordan, both of the ISF, take opposing…
Threat Horizon 2023: Four Evolving Threats That Should Be On Your Radar
The mass migration of people out of the workplace and into the home prompted a sharp rise in cybersecurity incidents.
The Challenge Of Continuous Assurance For Supply Chains
Building resilience and agility into a supply chain to cope with fluctuations in demand and meet business goals is a major challenge.
6 Tips for Managing Operational Risk in a Downturn
By Steve Durbin, Chief Executive of the ISF Coping with heightened operational risk during a…
How Cyber Security Criminals Exploit the 'Accidental Insider'
In the first of his regular new information security columns for Security Middle East, Daniel…
Eurasia Risks 2021 - Global Cyber Crisis
The first nation state to develop technologies such as AI, 5G, robotics and quantum computing…
Eurasia Risks 2021 - Digital Totalitarianism
Highly connected ecosystems of digital devices will enable the harvest, repurpose and sale of sensitive…
The new reality of a world online
Interview with Steve Durbin, Chief Executive of the ISF and The European The combination of…
How To Develop A Human-Centered Security Program
While many organizations have a security awareness training program in place, few trigger real behavior change or...
How Retailers Can Tackle Supply Chain Data Risk
By Steve Durbin, Chief Executive of the ISF Make security a core consideration in procurement…
Technology Is Just A Tool: Why People Are The Heart Of Everything We Do In Business
The idea that technology can solve all our problems is seductive. It seems like every product vendor claims to...
Security Think Tank: Towards a united state of security
By Jordon Kelly, Research Analyst at the ISF Of his new national security appointments, president…
Three Steps to Securing Supply Chains Under Pressure
By Steve Durbin, Chief Executive of the ISF You need to establish continuous monitoring across…
Eight Cyber Challenges In An Uncertain World
With the pandemic precipitating a health crisis that continues to threaten the global economy and the real possibility of a...
Six Ways A Good Leader Can Become A Great Leader
Many people can become good leaders. After all, you can learn how to communicate and how to be a better listener; you can...
Cybercrime to Scale New Heights in 2021: What Can You do About it?
By Steve Durbin, Chief Executive of the ISF With the pandemic precipitating a rapid acceleration…
Words of advice for President Biden’s new CISO
By Steve Durbin, Chief Executive of the ISF Cybersecurity should sit at the core of…
Security Think Tank: Time to rethink stopgap solutions
By Paul Holland, Principle Research Analyst at the ISF Home working assumes a certain level…
Look for GDPR fines to increase, extend beyond breaches
organizations should in particular note the extent of fines levied by regulators for infringements that…
Five Threat Vectors Destined To Make Waves In 2021
By Steve Durbin, CEO of the Information Security Forum, and Forbes Business Council Member Building…
New Year’s Resolutions for the Board in 2021
By Steve Durbin, CEO of the ISF Maturing your organization’s ability to detect intrusions quickly…
AI’s Two Achilles’ Heels Keep Me Up at Night
All the social techniques cybercriminals currently employ could be improved immeasurably with the help of…
Where to Focus Security Resources Mid- and Post-Pandemic
By Steve Durbin, CEO of the ISF Business leaders will inevitably need to make difficult…
Cybersecurity Must Be the Top Priority for the Board in 2021
By Steve Durbin, CEO of the ISF Leading the enterprise to a position of readiness,…
10 Benefits of Running Cybersecurity Exercises
By Steve Durbin, Managing Director of the ISF. There may be no better way to…
2020 Work-for-Home Shift: What We Learned
One area that organizations need to deal with is the rise of the insider threat,…
Privacy 2020: From Prepared to Alarmed, the Year the Rubber Hit the Road
With 2020 coming to a close, SC Media is delivering through a series of articles…
Cybersecurity in 2021: 5 Trends Security Pros Need to Know
The insider threat is one of the greatest drivers of security risks that organizations face…
ISF Proposal for “Human-Centered Security” Focuses Security Awareness on People’s Interactions With Technology
How can security keep pace with a cyber threat landscape that rapidly becomes more sophisticated…
Practical tips and advice for personal IoT security
By Daniel Norman, Senior Solutions Analyst at the ISF A large portion of IoT-related breaches…
Top Global Security Threats Organizations Will Face in 2021
Attackers will continue to be presented with the tools and opportunities to target and exploit…
Ransomware attacks target backup systems, compromising the company ‘insurance policy’
The success of ransomware is reliant on whether or not the target organization has patched…
Eight Steps To Building A Human-Centered Security Culture
By Steve Durbin, Managing Director, Information Security Forum, and Forbes Business Council Member Ransomware, phishing,…
Conti Gang Hits IoT Chipmaker Advantech with $14M Ransom Demand
Payment of a ransom is also a contentious discussion – in many cases the ransom…
New Information Security Forum Research Explores Human-Centered Security
Technology and processes should complement behavior, not add friction and impede productivity... Steve Durbin, Managing…
Websites Requiring Security Software Downloads Opened Door to Supply Chain Attack
I, for one, am wary if a website asks me, unprompted, to download anything. It…
CISA Warns Public About Online Holiday Shopping Scams
Also, beware of email “offers” from companies you don’t recognize and even those that you…
Changing Employee Security Behavior Takes More Than Simple Awareness
A human-centered security program helps organizations to understand their people and carefully craft initiatives that…
Why Security Awareness Training Should Be Backed by Security by Design
As a starting point, an individual will always choose to be productive in their current…
Information Security Forum Research Dives Into the Need for Human-Centered Security
A typical strategy should aim to reduce the number of security incidents and improve the…
Information Security Forum Addresses Global Security Issues at 31st Annual World Congress
The Information Security Forum (ISF), the trusted source that senior security professionals and board members…
Human-Centred Approach is Key to Better Security
Errors and acts of negligence can cause significant financial and reputational damage to an organization,…
Organizations Should Use Psychology to Promote Secure Behavior Among Staff
Errors and acts of negligence can cause significant financial and reputational damage to an organization...…
Qbot Banking Trojan Now Deploying Egregor Ransomware
Organizations should have an incident response or crisis management plan for ransomware events, knowing who…
Cybersecurity Workforce Study Needs to be Taken with a Pinch of Salt
Apprenticeships, on the job learning, backed up with support training packages are the way to…
Remote Work in 2021: Cybersecurity Grows in Importance
The global COVID-19 pandemic has forced digital change on organizations at high speed and certainly…
Apple to Deliver ‘Privacy Labels’ for Apps, Revealing Data-Sharing Details
Just as consumers now automatically accept cookies and agree to privacy policies, they may also…
CISA: Ransomware Activity Targeting the Healthcare and Public Health Sector
Privacy should also be a high priority for anyone handling sensitive information, considering the shift…
Imminent Cyberthreat Could Disrupt Hundreds of US Healthcare Systems
Basic cyber hygiene standards need to be met, covering patching and updates, network segmentation, network…
6 Cybersecurity Lessons From 2020
The [pandemic] accelerated and concentrated forces, such as the move to remote working and adoption…
Skills Shortage Rains on Cloud Advances
Cross training within an organization is a good method of closing the skills gap by…
FBI: Hospitals and Healthcare Providers Face Imminent Ransomware Threat
The healthcare services have an outdated approach to security awareness, education, and training... Daniel Norman,…
What Skills Will Cybersecurity Leaders Want in 2021?
All infosec teams have been under huge pressure lately and good CISOs acknowledge that and…
Trust in Remote Working Tools Declines as Need for Security Increases
...overdependency on untested technologies, new vulnerabilities in systems, poorly constructed policies and a lack of…
Three Common Digital Transformation Challenges — And How To Overcome Them
By Steve Durbin, Managing Director of the ISF and Forbes Business Council Member Once expectations are…
Why ransomware has become such a huge problem for businesses
Anyone with access to the Dark Web can buy readily available ransomware kits for less than $100.…
Carnival ransomware attack affected three brands
Creating a cyber-savvy workforce that takes information security seriously, while nurturing a culture of trust,…
What Can Businesses Learn from the Cyber Security Challenges of Coronavirus
As we come out of lockdown and start to negotiate the economic fallout it has…
Norway Alleges Russia Orchestrated Parliament Email Hack
The attacking state will build user profiles, understand patterns of behavior and then they will…
Why Organizations Should Be Wary of the Security Risks Posed by Augmented Reality
By Steve Durbin, Managing Director of the ISF AR promises much, but organizations will soon…
ISF Supports Cyber and Compliance Challenges with Launch of Aligned Tools Suite 2020
We live in an uncertain world where budgets and resources are tight, yet the need…
#NCSAM: How Can Consumers Boost the Security of IoT Devices?
...individuals should proactively try and seek out vulnerability forums online and regularly assess whether exploits…
Cybersecurity, Cloud Skills: Key to Companies’ Digital Transformation
Increasingly, lockdown has driven us all online and the training industry has been somewhat slow…
How the Enterprise Can Shut Down Cyber Criminals and Protect a Remote Staff
Non-security incidents can have a substantial knock-on effect within the information security spectrum Steve Durbin,…
How to Enhance Security Education, Training and Awareness for Employees
By Daniel Norman, Senior Solutions Analyst at the Information Security Forum. Frequently delivering micro-content, using…
65% of leaders say that security awareness training is not a top priority
The best security policies are under constant review and take into account ongoing feedback. Archaic…
Research Reveals Gaps in Cybersecurity Training Initiatives Within Remote Workforce
By helping staff understand how vulnerabilities can lead to poor decision making and errors, organizations…
Six core characteristics that next-generation CISO’s exhibit
Being a next-generation CISO is an extremely rewarding position that allows an individual to become…
UHS Hospitals hit by Ryuk ransomware, forced to shut down systems
Attackers will once again turn their attention to disrupting the health service by targeting poorly…
Cyber Experts Weigh-In: Universal Health Services Hospital System Ransomware Attack
This is an exciting time for the healthcare industry but it is also dangerous. As…
How Criminals Use Artificial Intelligence To Fuel Cyber Attacks
By Steve Durbin, Managing Director of the Information Security Forum, and Forbes Business Council Member…
Research: Cloud Skills and Solutions Are in Short Supply
Shortages in skills and capabilities are being revealed as major security incidents damage organizational performance…
Suspected Ransomware Takes Out Major US Healthcare Provider
Privacy should also be a high priority for anyone handling sensitive information, considering the shift…
Ring’s Flying In-Home Camera Drone Escalates Privacy Worries
Smart home devices, such as Ring, collect an inordinate amount of sensitive personal data in…
Insider vs. Outsider Data Security Threats: What’s the Greater Risk?
As data breaches increase, many will be the result of Insider threats. In fact, the…
Georgia Election Data Hit in Ransomware Attack
Typically, the success of ransomware is reliant on whether or not the target organization has…
ISF Outlines the Key Skillsets of Modern CISOs
As digital transformation drives organizations to become more agile and responsive, the CISO faces demands…
Cuts to Digital Security Spending Right Now Would Be a Big Mistake
By Steve Durbin, Managing Director, Information Security Forum As we head into Cybersecurity Awareness Month…
What does it take to be a next generation CISO?
Becoming a next-generation CISO requires an individual to embrace and master new skills and disciplines,…
Six Skills CISOs Should Pursue To Elevate Their Role
By Steve Durbin, Managing Director, Information Security Forum, and Forbes Business Council Member A rapid…
Security Think Tank: Beware security blind spots at the edge
That datacentre security is a complex subject is not in doubt and, given the trend…
Threats from the digital world lead to greater cyber security concerns
Organizations will have to adapt quickly to survive when digital and physical worlds collide. By…
Tesla and FBI thwart $1 million Russian Ransomware hack
“Ransomware is one of the most prevalent threats to an organization’s information and is more…
Why the Cybersecurity Skills Gap Continues to Widen
“In today’s COVID-19 reality, to rectify the continued cyber skills shortage, organizations are being encouraged…
Ransomware Attack Hits Carnival Cruise Corporation: What We Know
"Ransomware attackers are not interested in stealing assets and using them to cause damage, but…
5G Brings Benefits, But Also Heralds Fresh Security Threats
By Steve Durbin, Managing Director, ISF and Forbes Business Council Member The continuing rollout of…
Your Work-From-Home Future: Now’s the Time to Think About Security
“Employees subject to new working arrangements may well react maliciously due to limited hours, lowered compensation,…
Cybersecurity Skills Gap Worsens, Fueled by Lack of Career Development
“Increasingly, lockdown has driven us all online and the training industry has been somewhat slow…
Why Data Ethics Is a Growing CISO Priority
With data collection growing, and increased concern about how it is handled, a synergy between…
The Future's Biggest Cybercrime Threat May Already Be Here
By Steve Durbin, Managing Director, ISF Current attacks will continue to be refined, and what…
How To Prepare Your Business As Worldwide Recession Looms
By Steve Durbin, Managing Director, ISF and Forbes Business Council Member The business world is…
The Internet Of Forgotten Things Will Leave A Dangerous Legacy
By Steve Durbin, Managing Director, ISF The Internet of Things (IoT) infrastructure will soon become…
Quantifying Cyber Risk: Why You Must & Where to Start
"The challenge for security is to be able to translate security metrics into a form…
Security Think Tank: Balancing human oversight with AI autonomy
Artificial intelligence and machine learning techniques are said to hold great promise in security, enabling…
On the Cybersecurity Horizon: Digital and Physical Worlds Set to Collide
By Steve Durbin, Managing Director, ISF The digital and physical worlds are on an irreversible…
EU court kills Privacy Shield, wreaks havoc on digital economy
Schrems II “Was always going to be a major test for the Privacy Shield,” Steve…
Deepfakes will tell true lies
By Steve Durbin, Managing Director, ISF In the coming years, advanced deepfakes of high-profile individuals…
The Digital Generation Will Become the Cyber-Criminal’s Dream
By Steve Durbin, Managing Director, ISF Over the next few years, the first truly digital…
Security Think Tank: ‘Shift left’ to secure containers
Adopting containers promises great organisational efficiency advantages, but the fast-evolving technology can be problematic for…
Cybersecurity Budgets: Will They Survive COVID-19?
“Security leaders will need to adapt, swiftly, to speaking the language of the business in…
Open Source Security Issues Exist: Deal With Them, Report Urges
Open Source Software is becoming much more commonplace within organizations, bringing a different set of…
COVID19, Cybersecurity and the Healthcare Industry
By Daniel Norman, Research Analyst, ISF The healthcare industry has been under immense pressure during…
Cybersecurity 2020: challenges and threats to be aware of
The risk and severity of cyber-attacks have increased over the past few years. In recent…
Extreme weather will inflict chaos on infrastructure
In the coming years, extreme weather events will become more frequent and widespread, devastating areas…
Having Cash Flow Problems? 15 Areas To Investigate
Businesses that may be feeling the pinch concerning their income might start by finding ways…
Behavioral Analytics Expected to Trigger a Consumer Backlash
"Organizations whose business model is dependent on behavioral analytics will be forced to backtrack on…
Promoting A Culture Of Adaptability: 16 Effective Tips For Businesses
Business leaders are aware of how important it is to be adaptable to survive market…
Augmented Attacks Expected to Distort Reality
In the coming years, new technologies will further invade every element of daily life with…
COVID-19: Rethinking Cybersecurity in a Post-Pandemic World
It’s been four months since COVID-19 was declared a global pandemic by the World Health Organization (WHO).…
The internet of forgotten things will bite back
In the coming years, internet of things (IoT) infrastructure will become unmanageable and impossible to…
70% of Organizations to Increase Cybersecurity Spending Following COVID-19 Pandemic
With coronavirus crisis creating new opportunities for cybercriminals, 70 percent of organizations are seeing the…
Robo-helpers will soon help themselves to data
Poorly secured robo-helpers will be weaponised by attackers. By Steve Durbin, Managing Director, ISF Over…
Leaked NHS Docs Reveal Roadmap, Concerns Around Contact-Tracing App
Future features include plenty of self-reporting options, and officials’ fears the data could be misused.…
Cybersecurity Threats to the Food Supply Chain
When Smithfield Foods closed its Sioux Falls pork processing plant – joining other meat and…
Security Think Tank: Create healthy habits to avoid burnout
Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working…
Remote work: 6 common misunderstandings about online security threats
VPN, cloud, and phishing misunderstandings show up in myths about security and remote work. Security…
Information Security Forum Releases Updated Guide to Security Best Practices
The Information Security Forum (ISF) has published a major update to its Standard of Good Practice (The…
Vishing and Cybercriminals during COVID-19
The COVID-19 pandemic has resulted in an upshot of all types of scams. In the…
Understanding the CFO’s Cybersecurity Role in the Age of COVID-19
Senior executives understand that today’s global economy is still not adequately protected against cyberattacks, despite…
Google, Apple tighten protections on contact tracing; Americans worry over privacy
As the likes of Google and Apple bolster privacy in the race to come up…
The Impact of Coronavirus on the Threat Landscape
How has the coronavirus impacted the outlook on security over the next few years? The…
Connecticut town drops drone program to combat COVID-19 spread over privacy concerns
“Like other Internet of Things (IoT) devices, drones currently have very poor security controls, making…
Neglected Infrastructure, Invasive Tech to Plague Infosec in 2022
Researchers outline cybersecurity threats they predict businesses will face in two years as technology evolves.…
Risk Management, Insider Threats and Security Leaders in the Age of COVID-19
An insider threat is a security risk that originates from within an organization. According to…
The Privacy-Security Balance in Digital Surveillance: Lessons from COVID-19
A major feature of the current COVID-19 crisis has been the sudden growth of state…
Information Security Forum: Nine Cybersecurity Threats Organizations can Expect Through 2022
The Information Security Forum (ISF) has released Threat Horizon 2022, the latest in a series of…
IoT security, neglected infrastructure, and a crisis of trust deemed major threats for 2022
The Information Security Forum predicts the coming threats with a very good track record so…
When All Behavior Is Abnormal, How Do We Detect Anomalies?
Identifying normal behavior baselines is essential to behavior-based authentication. However, with COVID-19 upending all aspects…
If Remote Working is the New Norm, How Do We Do it Securely?
“My biggest concern is when remote workers enter phase three since it is unlikely that…
FBI: COVID-19-Themed Business Email Compromise Scams Surge
"Criminals have become more sophisticated by considering the psychological aspects of an attack," says Mark…
Nearly 10 Million People Filed for Unemployment in the US: What Does It Mean for the Cybersecurity and IT Workforce?
The number of new people claiming unemployment benefits totaled a staggering 6.648 million last week…
Covid-19 Poll Results: One in Four Prioritize Health Over Privacy
“Ultimately we are being asked to trust our governments in their ability to handle personal…
The Long-Term Impact of #COVID19 on the Cybersecurity Industry
“Remote working and remote business interactions will identify new opportunities, new ways of working that…
Impact of Coronavirus Outbreak on Early Stage Venture Investment in Cybersecurity
“I suspect that COVID-19 will tighten further the investment criteria being applied with a keener…
The Short-Term Impact of #COVID19 on the Cybersecurity Industry
As we work remotely and isolate ourselves from friends and colleagues as best we can,…
As coronavirus spreads, cybersecurity staff contend with increasing attacks, remote workers
As the COVID-19 pandemic continues to spread, cybersecurity professionals have never been busier. Despite some reports of cybercriminals…
15 Coronavirus Online Scams to Watch Out For
“Our appetite for information is vast and cybercriminals know this so there may be attachments…
Covid-19 Spurs Facial Recognition Tracking, Privacy Fears
The coronavirus pandemic is creating a lucrative market for facial recognition manufacturers. But privacy issues…
Security Think Tank: To tackle Covid-19, be prepared, flexible and resilient
In our globalised world, high-profile events such as Covid-19 have huge business impacts, some of…
European Electricity Association Confirms Hackers Breached its Office Network
ENTSO-E, the European Network of Transmission System Operators, has announced that it found evidence of…
Keys to Hiring Cybersecurity Pros When Certification Can't Help
There just aren't enough certified cybersecurity pros to go around -- and there likely never…
Infosecurity Magazine Q&A: Steve Durbin
Steve Durbin is a senior security leader at the Information Security Forum (ISF) with a diverse background…
ISF Coronavirus (COVID-19) Update
10th March 2020 ISF Coronavirus Update With the growing concerns regarding the Coronavirus (COVID-19) outbreak…
Use the human-centered approach for smarter security and compliance teams
By Steve Durbin, Managing Director of the Information Security Forum. As the cyberthreat landscape becomes…
Insider Threats: How Co-Workers Became a Bigger Security Headache
One of the biggest security threats to your team might be the person working right…
Conquering the Cyber Security Challenges of The Cloud
By Steve Durbin, Managing Director, Information Security Forum Cloud computing has become a prevalent force, bringing…
US Sen. Gillibrand Announces Legislation to Create a Data Protection Agency
"As pressure from regulatory compliance increases, businesses must take an increasingly integrated and well-rounded approach…
Overcoming the Cyber Security Challenges of the Cloud
The rise in business processes supported by cloud services has been well evidenced by organizations…
Ringing in a new National Privacy Law?
Privacy advocates have long called for a federal privacy law and it’s coming…in the meantime,…
Security Think Tank: Bug bounties are changing the image of hackers
The traditional picture of a hacker is of a script kiddie in a hoodie hunched…
Data Privacy Day 2020 Encourages Consumers to “Own Their Privacy”
The theme of Data Privacy Day 2020 is “Own Your Privacy.” Data Privacy Day began…
Lawmakers Introduce Bill to Reform NSA Surveillance
"This debate has been ongoing for some time now and there is clearly a need…
Security Think-Tank: Tackle insider threats to achieve data-centric security
The belief that effective perimeter security is the best way to protect data is a…
World Economic Forum Global Risks Report Highlights Dangers of Digital innovation
"In a hyperconnected world, attack surfaces and interdependencies will grow astonishingly quickly," warns Steve Durbin,…
Eurasia Risks 2020: Exacerbation of the Battle for Technological Dominance
"Technological advances are not restricted to America and China. They are a global phenomenon both…
Five Reasons Why Supply Chain Security Must be on Your Agenda
How do you know that the critical parts inside your servers and devices are not…
Cybersecurity 2020: Welcome to the Digital Cold War
The race to develop strategically important next-generation technology will drive an increase in nation-state-backed attacks.…
The Top Three Global Cyber Security Threats for 2020
In the year ahead, organisations of all sizes must prepare for the unknown, so they…
Deciphering Artificial Intelligence in the Future of Information Security
Artificial Intelligence (AI) is creating a new frontline in information security. Systems that independently learn, reason and…
Maximise your defence with people power
Humans are often referred to as the “weakest link” in information security. However, organisations have…
Cybersecurity New Year’s Resolutions from the Information Security Forum
It’s that time of year again. Time for every one of us to reminisce on…
How to Stay Safe Online in 2020 – What Experts Say
When it comes to your online safety, companies have some say in how safe you…
Information Security Forum Predicts 2020's Top Global Security Threats
The Information Security Forum (ISF), a resource for executives and board members on cybersecurity and risk…
Get the board on board: leading cybersecurity from the top down
"Boards are trying to get their arms around all of these different moving pieces,” said…
Securing the Internet of Things (IoT) in Today's Connected Society
The Internet of Things (IoT) promises much: from enabling the digital organization, to making domestic…
Information Security Forum Releases Internet of Things Guide
The Information Security Forum (ISF) announced the release of Securing the IoT: Taming the Connected World, a report…
Target Sues Insurer Over Data Breach Costs
Target is suing its insurer for costs of up to $74M that were incurred as a…
Leadership trends in cybersecurity - 5 predictions for the CISO in 2020
Usually, when someone writes predictions, it is just before or after New Year’s Eve. But…
ISF Releases Using Cloud Services Securely: Harnessing Core Controls
The growth of cloud computing has become ever more apparent, as organizations are drawn to…
Reducing the Risks Posed by Artificial Intelligence
Artificial Intelligence (AI) is creating a new frontier in information security. Systems that independently learn,…
Information Security Forum Partners with NIST to Create Online Informative References
Pilot Program Demonstrates ISF’s Commitment to Working with Leading Authorities on Information and Cyber Security-Related…
How Does Artificial Intelligence Fit into Cybersecurity's Future?
It's a question almost as old as cybersecurity itself. But some research from the Information…
New ISF Paper Attempts to Demystify AI in Information Security
In a paper released today, the Information Security Forum is urging organizations to capitalize on the opportunities…
Tomorrow’s attacks today: How to defend against next-generation cyberattacks
Imagine sitting at the end of a fishing pier staring at the ocean on a…
Cyber Risks Force Banks to Rethink Vendor Relationships
Hefty questionnaires have long been a favored method for banks to perform due diligence on…
Phishing Still Catches Federal Employees Unaware
Continuous training and awareness is the key to protecting high-value agency assets. Last year, the…
Former Army Contractor Gets Prison Term for Insider Attack
A former U.S. Army contractor has been sentenced to two years in federal prison after…
Cyber Insurance Firm Cowbell Emerges From Stealth With $3.3 Million Seed Funding
Pleasanton, California-based cyber insurance firm Cowbell Cyber has emerged from stealth, announcing its Cowbell Factor…
How Cybercriminals Exploit Simple Human Mistakes
A new report explores how attackers identify psychological vulnerabilities to effectively manipulate targets. "People make…
How Human-Centered Security Can Strengthen Your Organizations
Humans are often regarded as the "weakest link" in information security. However, organizations have historically…
Steve Durbin- MD of Information Security Forum Named MD of the Year in Information Technology for 2018/19
Steve Durbin- Managing Director of the Information Security Forum (ISF), Named European Business Magazine’s MD…
Information Security Forum Tackles Human-Centred Security in Latest Paper
According to the Information Security Forum (ISF), trusted resource for executives and board members on…
How Artificially Intelligent Malware Could Intensify Hackers’ Capabilities
Technology has advanced at an astounding rate in the past decade and the pace is…
Your Vulnerability is Someone Else's Pay Cheque
Bug bounties and crowd sourced penetration testing, why might you need them? Many organisations have…
Making Security Assurance More Business-Focused
In a fast-moving environment filled with evolving cyber threats, leaders want confidence that business processes,…
Risk mitigation is key to blockchain becoming mainstream
What are the best and most effective ways information security professionals can use blockchain technology?…
Cyber Threats Are Increasing, but Security Budgets, Staff Aren’t
The age-old problem of misaligned security budgets and staffing continues, but they may not be…
Next-gen tech: Next-gen threats
The Malicious use of next-generation technology spells worrying times for the businesses. Steve Durbin, Managing…
The Cyber Security Threat Landscape Keeps Evolving
Ransomware is a major concern, but it isn’t the only cyber risk your organisation will face this…
GDPR Outlook: After First Record Fines, What’s Next?
Following the record penalties for Google, British Airways and Marriott under the European Union’s General Data Protection…
Security Assurance Is a Long-Term & Ongoing Investment
Taking a business-focused approach to security assurance is an evolution. It means going a step…
Automate security in increasingly complex hybrid environments
As new technologies and infrastructure such as virtualization, cloud, and containers are introduced into enterprise…
Modern-Day SOCs: People, Process & Technology
As security operations centers (SOCs) continue to evolve, enterprises are challenged with enhancing their ability…
Russian hacking group STRONTIUM attacking corporate IoT devices
“Organizations are adopting smart devices with enthusiasm, not realizing that these devices are often insecure…
6 Ways to Stop the Loss of IT Assets to Remote Workers
Some remote workers work full-time outside of company walls. Others telecommute when travelling on business…
Vigilantes, tech giants and botched transformations threaten the digital marketplace
Information security professionals are facing increasingly complex threats—some new, others familiar but evolving. By 2021,…
Pentagon Buys Equipment With Known Vulnerabilities: Audit
Despite national security concerns, the U.S. Department of Defense has purchased thousands of computers, printers…
Defending the Enterprise From the Coming Wave of Ransomware Attacks
Ransomware attacks faded from the headlines after the notorious WannaCry outbreak in 2017 and the…
The Growing Threat of Drones
Steve Durbin, Managing Director of ISF, recently spoke to SecurityWeek to discuss the threat of…
How to Avoid Cyber Threats by Disgruntled Employees
Disgruntled employees can prove to be the biggest threat for the cyber security of an…
Identity Management Sparks Friction Between Executives, Employees
Hackers often attack company networks using compromised login information, a challenge for cybersecurity leaders who…
Top-Down Strategies for Fending Off Cyberattacks
Cybersecurity demands awareness across the organisation. The CEO needs to make it happen. For Steve…
Blockchain: A technical disrupter or business distractor?
The discussion at this month’s Infosecurity Europe panel on quantum computing, artificial intelligence and blockchain…
Information Security Forum Report Tackles Business-Focused Security Assurance Programs
The Information Security Forum (ISF), trusted resource for executives and board members on cyber security…
Security Should Be Business Focused, Says ISF
A security assurance program that focuses on business needs can help organizations meet the needs…
Security assurance needs a business-focused approach
Business leaders want to be confident that their operations will continue running as normal without…
Information Security Forum Report Looks at Business-Focused Security Assurance Programs
The Information Security Forum (ISF), trusted resource for executives and board members on cyber security and risk…
State-Backed Espionage Targets Next Gen Tech
In the coming years, nation states’ intelligence services will combine forces with commercial organizations to…
Employees Out of Work After ASCO Hit by Ransomware
Nearly 1,000 employees in ASCO’s Zaventem, Belgium, office have been left incapable of doing their jobs…
Digital Vigilantes Weaponize Vulnerability Disclosure
Over the next two years, vulnerability disclosure will evolve from a predominantly altruistic endeavor to…
On the Horizon: Parasitic Malware Will Feast on Critical Infrastructure
Parasitic malware, which seeks to steal processing power, has traditionally targeted computers and mobile devices.…
How the C-Suite Can Build Tomorrow’s Cyber Security Workforce
The people, processes and technology that protect digital resources and manage cyber risk are essential…
Moody's Downgrading of Equifax Is a Message to Boards
While affirming Equifax’s senior unsecured rating at Baa1 and short-term rating at Prime-2, Moody’s Investor Services downgraded the…
Moody's Outlook Downgrade of Equifax: A Wake-up Call to Boards
The move provides another spark to light a fire under CISOs to improve how they…
Steve Durbin, ISF: Only AI-Based Security Solutions Will Fight AI-Based Malware
The ISF is one of the world’s leading independent authorities on cybersecurity and information risk…
Cloud providers are under attack - and sabotaged services will freeze operations
Over the next two years, cloud service providers will be systematically sabotaged by attackers aiming…
Security Think Tank: Proper segregation is more important than ever
What are the security benefits and challenges of segregating IT environments, and how best are…
5G technologies will broaden attack surfaces
The arrival of 5G, with significantly faster speeds, increased capacity and lower latency, will change…
Latest Information Security Forum Report Tackles Blockchain and Security
Steve Durbin- Managing Director of the Information Security Forum (ISF), Named European Business Magazine’s MD…
Blockchain Useful, Not Without Issues, Says ISF
The Information Security Forum (ISF) released its latest briefing paper, Blockchain and Security: Safety in Numbers, which identifies…
Helping organizations understand the pros and cons of blockchain
Blockchain is often seen as a game-changer for businesses, governments and criminals alike. But, as…
The digital unraveling: Vigilantes, rogue competitors, big break ups, and broken trust
By 2021, the world will be significantly digitized and connected. Competing in the digital marketplace…
Everything Is Best When It Comes to Cybersecurity Best Practices
Because innovation is moving so rapidly, keeping up with industry best practices can seem like…
DHS: Federal Agencies Need to Patch Vulnerabilities Faster
The U.S. Department of Homeland Security is requiring that federal agencies speed up patching and…
How Data-Centric Security Solutions Thwart Insider Threats
Thwarting insider threats is one of the most difficult challenges for companies, organizations, and governments.…
Digital Cold War on the Horizon: Preparing for Systemic Global Attacks
By 2021, the world will be significantly digitized and connected. The race to develop the…
Growing Reliance on Digital Connectivity Amplifies Existing Risks, Creates New Ones
Information security threats are intensifying every day. Organizations risk becoming disoriented and losing their way…
'ShadowHammer' Spreads Across Online Gaming Supply Chain
A sophisticated supply-chain attack dubbed Operation ShadowHammer is becoming more pervasive, with the group targeting online gamers,…
Cybersecurity Predictions for 2019
The cybersecurity trends that have characterized 2018 are likely to continue in 2019, including the…
CWT accredited by government cyber security scheme
Travel management platform CWT has secured a UK government cyber essentials certification. The scheme is…
Threat Horizon 2021: The Cyber Attacks Businesses Need to Prepare for Now
ISF’s Steve Durbin details findings from the firm’s recent Threat Horizon 2021 report, highlighting the…
Managing the technology risk of yesterday, today and tomorrow
What does your organisation’s technology landscape look like, and is it secure? At a recent…
Verizon Report Brings the Critical Discussion of Insider Threats Back to the Boardroom
The list of the biggest dangers to information security are long for 2019, and ever-evolving.…
Security Think Tank: How to reduce the impact of a potential cyber extinction event
How should businesses plan to survive a potential cyber attack extinction event? An extinction event…
Emerging Cyber Threats Leverage Society's Reliance on Connectivity & Intelligent Systems
By 2021, the world will be significantly digitized and connected. The race to develop the…
Rush to Digital Transformation Leaving Organizations More Vulnerable
Digital transformation was one of those buzz terms I heard both at RSA and during…
Microsoft Takes Control of 99 Websites From APT Group
Microsoft is using its legal muscle to push back against an advanced persistent threat group that…
Information Security Forum Launches Threat Horizon 2021
Annual report identifies emerging security themes organizations will face over the next two years as…
Incoming Cyber Threats: Is Your Organization Prepared?
Enterprises will face nine major threats, including vulnerabilities in software and other applications, state-backed espionage…
Top Tips for Improving Board Communication Around Security
A panel of security professionals discuss the top three tips for how CISOs and risk…
Digital cold war and other emerging threats we'll face in the next two years
A new report from the Information Security Forum looks at the threats organizations can expect to face…
Competitors Flout Rules in a Digital Cold War
Emerging information security threats will continue to impact business, and the Threat Horizon 2021 published by Information Security…
3 security threats businesses need to prepare for by 2021
IoT and digital transformation efforts will leave more businesses vulnerable to cyberattack, according to Information…
The Effective CISO Needs More Than a Control Framework
Chief Information Security Officers (CISOs) often talk about reducing the risk of financial loss to…
EU Seeks Better Coordination to Battle Next Big Cyberattack
The EU is looking to head off the next major cyberattack against Europe by creating…
Beware March Madness Phishing Scams And Cyber Attacks
Have you filled in your brackets? March Madness kicks off this week. The annual NCAA…
Is Your Supply Chain the weakest link?
Supply chains are a vital component of every organization's business operations and the backbone of…
6 Top Information Security Risks to Know in 2019
In the 20th century, a wave of technological advancement changed the global economy. The rise…
Security Think Tank: Financial loss as a key security risk indicator
What should be the key cyber security risk indicator for any business? Key risk indicators (KRIs)…
Georgia County Pays $400,000 to Ransomware Attackers
Officials in Jackson County, Georgia, along with the FBI are investigating a ransomware attack that…
Making unified threat management a key security tool
As data protection becomes critical to businesses, we look at how unified threat management can…
5G one of several security challenges to CNI
5G technology is among the key security challenges facing critical national infrastructure and all other…
Banks won’t be able to remain on sidelines of privacy debate
WASHINGTON — September 2017 was the beginning of the end. That’s when Equifax disclosed publicly,…
Information Security Forum Report Examines How to Deliver an Effective Cyber Security Exercise
The Information Security Forum (ISF), trusted resource for executives and board members on cyber security…
Cyber risk reporting: What the board wants
According to the McKinsey report The Board Perspective (March 2018) performance management and risk management…
Cybersecurity Plan
Writing a basic security plan is a must for all businesses, regardless of size. For…
Cyber Insurance: Time for CIOs to invest?
The threats to your business keep coming. Last year was the second-most-active year for data…
What CEOs Need to Know About the Future of Cybersecurity
Until recently, Chief Executive Officers (CEOs) received information and reports encouraging them to consider information…
Cybersecurity and the C-Suite: What Executives Need to Know
Until recently, CEOs received information and reports encouraging them to consider information and cyber security…
Buzz, Hype, and Shiny Objects - Where to Focus Instead
With all the hype in marketing, some topics get way too much attention, while other —…
Cyber insurance: Is your organisation covered? Is the insurance industry covered?
Cyber insurance remains a popular topic of conversation among security professionals. This is no surprise…
Security Think Tank: Focus UTM capabilities on security and business needs
How can organisations best use unified threat management tools to help stem the tide of…
5 Big Data and Cloud Security Concerns to Watch Out for in 2019
As we are growing with technology, security would undoubtedly strike our path. Taking a look…
Steps to Prevent Data Breaches
Normally, it takes around 6-months for an organization to realize that their system is infected…
10 Worrisome Ransomware Predictions for 2019
Ransomware is so last year…or is it? A type of malicious software that threatens to…
Four Things Every CEO Should Know About Cybersecurity
Until recently, Chief Executive Officers (CEOs) received information and reports encouraging them to consider information…
Global security threats organizations must prepare for in 2019
Criminal organizations will continue their ongoing development and become increasingly more sophisticated. In the year…
Want to Keep Security Talent? Offer Something More.
For years, chief information security officers (CISOs) have viewed talent retention as one of their…
Break Free from Traditional Network Security
Today, there is no longer a hard network perimeter. Businesses need to forge close links…
Latest Information Security Forum Digest Looks at Building Tomorrow's Workforce
The Information Security Forum (ISF), the trusted source that senior security professionals and board members turn to…
Information Security Forum Tackles Tomorrow's Security Workforce in Latest Report
The Information Security Forum (ISF), the trusted source that senior security professionals and board members…
Sticking to your Cybersecurity Resolutions in the New Year
The Information Security Forum recommends that businesses focus on the following cyber security topics in…
Is Your 2019 Business Technology Plan Completed?
The new year is already upon us, but it is not too late to put…
The Top 50 Must-Attend Information Security Conferences in 2019
Our list of the top 50 infosec conferences happening around the world in 2019 -…
UK Firms Say £6.6bn Annual Security Testing Cost Too High
Avord launches platform to reduce the multibillion-pound annual cyber security testing cost that most UK…
Do We Really Have a Cybersecurity Skills Gap: Time to Refocus the Hiring Process
Is there a cybersecurity skills gap? Plenty of surveys and anecdotal evidence seem to say…
Building Cyber Resilience is Critical as Threats Rise
Given the pace of change and scale of threat in the digital world, Steve Durbin,…
A Diverse Security Workforce is a Stable Security Workforce
When it comes to building an InfoSec team, security executives face a number of challenges,…
With Great Power Comes Great Responsibility: Learning from a major data breach
Are the recent data breaches finally a catalyst for change in how cyber risk is…
Supply Chain Cybersecurity to Evolve in 2019
“Security is only as strong as its weakest link,” Steve Durbin, Managing Director, ISF says.…
Security Think Tank: Creative Thinking Key to Meeting Emerging Security Challenges
How can organisations combine software-defined networking, containerisation and encryption to prevent rogue code from running…
The European: Building the cybersecurity workforce of tomorrow
As the range of cyber threats confronting industry continues to grow more varied, intense and sophisticated,…
New Year's Resolution for 2019: Security must be the top priority for the Board
In the year ahead, organizations must prepare for the unknown so they have the flexibility…
Nine Security Tips for 2019
Cybercrime caused no shortage of sleepless nights in 2018. And in 2019, freelance hackers and…
The European: Building the Cybersecurity Workforce for Tomorrow
In the Winter 2019 edition of the European Magazine, Steve Durbin, Managing Director, ISF explains…
Supply and Demand (for security)
2018 was the year that raised the alarm in earnest about potential vulnerabilities in the…
Land of the Giants - Cybersecurity in 2018
2018 threw some cybersecurity curve balls but it also looked a lot like 2017…only bigger.…
4 Global Cybersecurity Threats for 2019
In the year ahead, organizations of all sizes must prepare for the unknown, so they…
Prediction: Businesses will continue to have to adapt to government regulations
Says who? “Regulatory frameworks will continue to drive security maturation for companies. Specifically, the European GDPR will…
Farewell 2018, Hello 2019: The last 12 months in cloud - and what's on the horizon
2018 was yet another fascinating year when it came to cloud computing, along with the…
Best Practice Response Can Mitigate Data Breaches Quickly
It takes about six months for a company to detect that a data breach occurred in its…