
Information Risk Management Blog

Risk Management and the Heisenberg’s Uncertainty Principle

Oct 2, 2017 3:17:14 PM / by Jayesh Kamat posted in #informationSecurity, #RSACharge, #RSAC

Risk management reminds me of Heisenberg’s Uncertainty Principle, which asserts a fundamental limit to the precision with which certain properties of quantum particles can be determined. The Uncertainty Principle talks about not being able to accurately measure just two parameters of a particle; risk management deals with a whole bunch of them. While there is universal agreement on risk being quantified as impact and likelihood, quantifying impact and likelihood to any level of accuracy depends on the discipline, context, model and taxonomy. The focus on risk management continues to increase as information security and cybersecurity standards and regulations propose risk assessments to decide on the security posture and controls.


SIEM is Dead - Long Live SIEM

Sep 6, 2017 6:12:11 AM / by Chandra Prakash Suryawanshi posted in SIEM

I was surprised to see the report from Mandiant that states the following facts -


SAMPLE RFP Questions: SOC Build/Optimization Services

Sep 6, 2017 6:02:47 AM / by Chandra Prakash Suryawanshi posted in Managed SOC

  • Provide a brief overview and history of your organization, highlighting specific experience in projects of this type. Key individual expertise should be set forth in detail.
  • Describe the organizational structure of your company and provide the following information:
      a. A corporate organizational chart, including subsidiaries, affiliates, list of the board of directors, list of key personnel
      b. The total number of W-2 employees


NYDFS Cyber Security Regulations - Made Easy (Part 3 Final)

Feb 6, 2017 1:13:00 AM / by Anupam Bonanthaya posted in Cybersecurity, Banking, Risk & Compliance Advisory, NYDFS

Now that the final regulations are out and will be effective starting March 1, 2017, if you are looking for an executive summary of the regulations, and if you are curious about what changed between the draft and the final one, here we go.


Our Top 10 Cyber Security Predictions for 2017

Dec 30, 2016 6:16:48 AM / by Anupam Bonanthaya posted in Cybersecurity, Information security, 2017


It is that time of the year when you look back at the year that passed by and make predictions for the new year.

We did the same for what we love - Cyber Security - and listed the Top 10 for 2017 in the form of an infographic. Check whether it matches yours.


Is Internet of Things becoming Internet of INSECURE Things?

Dec 28, 2016 5:51:14 AM / by Ameya Jhawar posted in Cybersecurity, Digital Security, IOT security

While we are getting excited about the Internet of Things (IoT) becoming the future of everything, with all kinds of technology-driven services, there has been an uneasy sense of anxiety among the security pros amongst us.

These concerns are many, such as data privacy issues, network and critical infrastructure security issues, DDoS attacks, targeted attacks on individuals, etc.

After the recent security incidents related to the security of IoT devices, these concerns have bubbled up to the top because attackers have begun to exploit the "sloppy security" in the IoT ecosystem!

So what are the reasons why IoT is becoming everybody's favorite target?


NYDFS Cyber Security Regulations - Made Easy (Part 2)

Dec 9, 2016 12:02:47 AM / by Anupam Bonanthaya posted in Cybersecurity, NYDFS, Security Regulations

Being in the Financial Services industry, you must already be aware of the news about the proposed cyber security regulations by the New York Department of Financial Services (NYDFS).

In this article, we have tried to simplify the regulations by representing the 23 sections in the form of an infographic.

Even though these regulations would be enforced only on those financial services companies coming under the scope of NYDFS, given that New York is seen as the financial capital of the world, companies outside NY also see this as a global benchmark.


NYDFS Cyber Security Regulations - Made Easy (Part 1)

Dec 5, 2016 3:30:50 AM / by Anupam Bonanthaya posted in Cybersecurity, NYDFS, Security Regulations

Being in the Financial Services industry, you must already be aware of the news about the proposed cyber security regulations by the New York Department of Financial Services (NYDFS).

In this article, we have tried to simplify the regulations by representing the 23 sections in the form of an infographic.

Even though these regulations would be enforced only on those financial services companies coming under the scope of NYDFS, given that New York is seen as the financial capital of the world, companies outside NY also see this as a global benchmark.


What is Vulnerability Intelligence? The 5 Data Challenges It Solves.

Sep 28, 2016 7:46:34 AM / by Anupam Bonanthaya posted in Vulnerability management, Vulnerability Intelligence, security assessment, Security testing

There can be no argument about the fact that Vulnerability Management is one of the oldest problems in Information Security. There are many reasons why it has remained a problem, even today.

In this post I will cover what Vulnerability Intelligence is and which tough, lingering problems it attempts to address (by the way, it is not the same as Threat Intelligence).


6 IoT Security Worries that could ruin your Internet-of-Things Party

Sep 8, 2016 2:03:28 AM / by Anupam Bonanthaya posted in Digital Security, basics of digital security, IOT security


Reported security incidents on IoT (Internet of Things) components increased 152% between 2014 and 2015. It looks like the figure will be even higher at the end of 2016.

This is at a point where the number of smart devices is expected to jump 5x, from 5 Billion in 2015 to 25 Billion in 2020, conservatively speaking.

The Internet of Things is becoming a favourite target for cyber attackers, and it is a no-brainer to predict that it will only become worse.

More Smart Devices = More (Sensitive) Data = Higher Risk

In this post, check out the 6 basic security concerns with Internet of Things that you need to pay attention to, in order to enjoy the ride without falling off the roller coaster.
