Perspectives on data risk
Flip the Script: Let the Attackers "Win"
What does it look like when organizations do their data security and risk management homework upfront, instead of on-the-fly? In the case of healthcare organizations and ransomware attacks, the picture is completely different, and much more sustainable.Read the full article here.
Cybersecurity is Dead — What Now?
We must stop insisting cybersecurity can "win" the war against cybercriminals, because we've already lost. There's a better way to protect your organization, and it begins and ends with data.Read the full article here.
Ullico gets proactive with data risk
Transforming enterprise data loss prevention from a checkbox compliance project into an effective, flexible business risk management program is no small feat. But Infolock did just that for Ullico, one of the nation's largest union labor insurance carriers.Read the full case study here.
4 in 4: 4 Insights From My First 4 Months at Infolock
After four months on the job at Infolock, I want to let prospective customers and employees know what they can expect when they work with or for our team.Read the full article here.
American College of Radiology Chooses Infolock
Working together, the American College of Radiology (ACR) and Infolock built a data protection program that saved time and money, and improved security outcomes for the medical society and its 40,000 professionals.Read the full article here.
Challenge the Status Quo
Quick fix technology solutions aren't a substitute for hard work and careful planning. If you'd like to get a seat at the executive table, you need to challenge the status quo and learn a new approach to "selling" security.Read the full article here.
Data Breach Cynicism Takes Hold
In nearly 20 years of working in the IT security industry, I’ve helped hundreds of companies build and mature their security programs. With some notable exceptions, when my team comes in to help out, these programs range from ineffective to completely nonexistent.Read the full article here.
CISO, We Have a Problem
Marginalized, scapegoated, and defeated, Chief Information Security Officers (CISOs) need to reinvent themselves as Cloud- and data-connected Enterprise Risk Management (ERM) professionals.Read the full article here.
The Four Do’s of DLP
You know the feeling you get when you see someone who has invested in state-of-the-art gear – say, a high priced vintage Fender Stratocaster, a Marshall stack, and a dozen effects pedals – but hasn’t invested in guitar lessons? It’s the same feeling I get when I see a company invest in the latest, greatest Data Loss Prevention (DLP) system, plug it in, and forget about it.Read the full article here.
“It’s the Data, Stupid!”
Data is notoriously messy. It's clear most organizations have lost control of it – or, never had control of it in the first place. We’re stockpiling massive amounts of data in our unstructured and structured repositories, keeping it indefinitely, and bleeding it out through accidental loss, careless (but well-intentioned) sharing, unfettered collaboration, and insider theft.Read the full article here.
People & Process
Peak Vendor: Reclaiming InfoSec Priorities and Budgets in the Age of Big Marketing
I’m not sure when the bubble began. Three years ago? Five? Security needs – driven by methodical risk management practices – took a backseat to new security “trends,” new product categories, and new startup companies. At some point, we passed the point of no return.Read the full article here.
The Demise of Symantec?
Pundits want to declare Symantec dead since its acquisition by Broadcom. The truth is more complicated, and more hopeful, than one might guess.Read the full article here.
Vendors Know You Too Well
Vendors know how to play technical buyers and procurement teams to maximum effect. It's time to buy better.Read the full article here.
Banishing the Backseat Drivers
Security vendors like to tell you what you need, but you don’t have to let them. If you put in the time and effort to assess what you have and where you want to go, you can create a meaningful strategy and a sustainable plan. It’s worth it.Read the full article here.
Throw a New Year's Curveball
It's a new year, and a great opportunity to get your security team out of their comfort zone. After all, your cyber adversaries aren't worried about keeping your staff comfortable -- shouldn't you practice working under stress?Read the full article here.
Managed DLP Services
Too often, businesses purchase DLP in an effort to check a regulatory box. The investment is made, DLP is physically implemented, then no one ever looks at it again. This common misuse of the program does little to improve security. In fact, it’s akin to throwing money down the drain. DLP needs attention to meet its usability potential.Read the full article here.
Drowning in Data?
Huge, intractable problems break down into smaller, digestible pieces. Instead of trying to solve the whole "data problem" at once, across the entire organization, start with one particular area. One department. One team. Get an understanding of how that part of your organization collects, analyzes, uses, retains, stores, deletes, and manages its own data.Read the full article here.
- Infolock Delivers Full Data Risk Management Program for Ullico
- Flip the Script: Let the Attackers "Win"
- Cybersecurity is Dead — What Now?
- Ullico gets proactive with data risk
- 4 in 4: 4 Insights From My First 4 Months at Infolock
- American College of Radiology Chooses Infolock
- Challenge the Status Quo
- Data Breach Cynicism Takes Hold
- CISO, We Have a Problem
- The Four Do’s of DLP
- The Demise of Symantec?
- Drowning in Data?
- Vendors Know You Too Well
- Banishing the Backseat Drivers
- Throw a New Year's Curveball
- Managed DLP Services
- “It’s the Data, Stupid!”
- Peak Vendor: Reclaiming InfoSec Priorities and Budgets in the Age of Big Marketing