RE: Cyber Blog Team
The RE: View is a look back at the recent headlines that caught our attention and that senior executives and board members should consider when assessing and managing cyber risk.
The RE: View is a bimonthly look back at the headlines that caught the attention of our RE: Cyber contributors that senior executives and board members should consider when assessing and managing cyber risk.
A recent PwC paper points out that not only does the NIST Cybersecurity Framework comprise “leading practices from various standards bodies that have proved to be successful when implemented,” but also “may deliver regulatory and legal advantages that extend well beyond improved cybersecurity for organizations that adopt it early.”
William J. Brunkhardt, chief technology strategist at Cyber Sciences Corporation, reviews what we know and what companies should be aware of regarding the Heartbleed bug.
One dilemma for companies may be the way "cyber" is used as an umbrella term for a vast set of threats, says John Glowacki, chief strategy and information officer at Protexit. Originally posted January 23, 2014.
Regular investments in cybersecurity are as essential today as stone walls were to a medieval city, says Eric Brown, CIO, NCI Building Systems, Inc.
"As any business executive whose organization has been victimized by cyber wrongdoers knows, suffering from a cyber-attack of any significance can be frustrating at best, and devastating at worst," write Joseph V. DeMarco and Alexis Tandeau, partner and foreign legal intern, respectively, at DeVore & DeMarco LLP. "Tempting as it may be, however, under current law, 'hacking back' can cause substantial legal harm as well as reputational backlash when done without carrying out an extremely careful factual and legal analysis of the proposed activity."
Regardless of industry or sector, corporations and other organizations of all sizes must assess and mitigate risks associated with network vulnerabilities arising from cybercrime, cyber espionage or the inadvertent loss of data, says Joseph V. DeMarco, partner at DeVore & DeMarco LLP.
You should not hire "generic good workers" for your security defense, argue Eric Brown and William Yarberry. Instead, ask yourself the following questions when looking for security leadership.
Tom Dolan examines how companies have confronted the challenge of reporting cyber incidents and the ongoing liabilities these incidents present.