Blog

Cybersecurity consumes a significant share of organizational budgets. As some of the most trusted brands experienced data breaches over the past 2 years—including Intel, Yahoo, Macy's, Adidas, Sears, Delta Airlines and Best Buy to name a few, companies are wondering if they are next in line, and if they are spending enough to protect their data, users, brands, and business continuity. They're already paying a lot. The online publication CSO partnered with the CERT Division of Software.

Supply chain cyberattacks are increasing as companies outsource a growing number of services. Today, your enterprise is more likely than ever to have third parties touching sensitive data[1]. Even when your security controls are robust, an attacker can breach a weaker network—like the network of one of your suppliers, service providers, or partners—and use it as an indirect route into your network[2]. In 2018, many highly publicized breaches were the result of supply-chain attacks: Atrium.

You just signed on as CISO. Congratulations. Now you can expect to be deluged with security emergencies and unresolved issues from your predecessor while you're getting to know and building credibility with your team. Meanwhile, cyberattackers are still pounding at the door. All of these immediate pressures are important, but optimizing organization-wide security is why you were hired. Here are four steps that will help you identify security priorities and appropriate remediation steps, so you.