- Risk Management Information Security Measures Commensurate With Risky Behavior
Security safeguards could be applied selectively based on users' demonstrated tendency toward risky computer behavior—people whose systems were frequently infected or who clicked simulated phishing...
- Cloud Security Risks and Benefits of Docker Application Containers
Docker containers share the host kernel, providing weaker isolation than virtual machines but offering security benefits like smaller vulnerability surfaces and easier patching through image...
- Leadership Know Your Firm's Economic Moat to Keep Security Relevant
Effective security decisions require understanding your company's economic moat—the competitive advantages that protect it from rivals. Framing risks in terms of threats to these moats (brand equity,...
- Risk Management The Eternal Cycle of Cybersecurity
The fight between cyber attackers and defenders resembles an ecological cycle between predator and prey—the goal is equilibrium, not victory. Being complacent is risky because maintaining balance...
- Threat Intelligence Anticipating Cyber Threats Beyond APT
Organizations that experienced APT attacks years ago may offer insights into threats that will eventually reach other companies. Predicted trends include greater use of purchased exploits,...
- Risk Management Mutually-Assured Destruction as a Factor in Cyber Warfare
Since no practical defense exists against nation-state cyber intrusions, countries may need to compromise adversaries' IT assets to establish mutually-assured destruction as a deterrent. Nations with...