Security & Risk Archives | Page 2 of 2

By Dorsey McFadden Advisory

05 Jul: InfoSec Can Be Taxing, So Here’s a Taxonomy

Information Security can sometimes feel like death by documentation, like a bunch of red tape just to keep regulators and auditors at bay. Throw in differences in lexicon, and seeing how all the many pieces fit together can be quite difficult.

Getting everyone, practitioner and leadership alike, on the same page when it comes to terminology in the information security space is key. If everyone can speak the same language, a well-understood and well-orchestrated information security governance structure won’t be far off.

Happy man using smartphone at modern coffee shop.

By Dorsey McFadden Advisory

25 May: Privacy and Security: What’s the Difference?

As data collection has increased, so has controversy. Most of this data has been willingly given by us users in the form of our computers, smart phones, and more recently, smart home devices, cars, and even refrigerators. International regulatory eyes have turned their gazes to some of these massive organizations collecting our data.

By Dorsey McFadden Advisory

08 May: [VIDEO] Essential Steps to Strengthening Cybersecurity

Many organizations know they must have the basics: hire a CISO, perform a risk assessment, and find security vendors to fill up the holes. Unfortunately, these are often mere boxes to check. Impact Makers’ former CISO Cathie Brown offers a few simple considerations in each of those steps that will strengthen your cybersecurity posture, like what to look for in a robust risk assessment and a trustworthy security vendor.

By Dorsey McFadden Advisory

24 Apr: Organizational Risk Management Is Not Just About Compliance

Organizational risk management is too often treated as a compliance issue with complex rules that result in a back office tracking of risks that don’t see the light of day. This presentation contrasts a traditional view of organizational risk management with an alternative view provided in a Harvard Business Review article by Robert S. Kaplan and Anette Mikes. This categorization of risk allows executives to understand the qualitative distinctions between the types of risks that organizations face.

By Dorsey McFadden Advisory

04 Apr: Cybersecurity Doesn’t Work Without Culture Change

Enhancing cybersecurity is critical, but there is a pervasive Band-Aid mindset causing organizations to commonly overlook the vital ingredient to any amount of successful security: culture change. Need a reminder why cybersecurity is at the top of so many lists? According

By Dorsey McFadden Advisory

21 Mar: [VIDEO] Too Many Organizations Overlook One of These Cybersecurity Building Blocks

While most organizations have made some investments in each of the three building blocks of cybersecurity, many overemphasize “technology.” The most overlooked component are the “people,” which will actually make or break the effectiveness of your cybersecurity.

1 2

Security & Risk

05 Jul: InfoSec Can Be Taxing, So Here’s a Taxonomy

25 May: Privacy and Security: What’s the Difference?

08 May: [VIDEO] Essential Steps to Strengthening Cybersecurity

24 Apr: Organizational Risk Management Is Not Just About Compliance

04 Apr: Cybersecurity Doesn’t Work Without Culture Change

21 Mar: [VIDEO] Too Many Organizations Overlook One of These Cybersecurity Building Blocks

Locations

Quick Links

Affiliations

Security & Risk

05 Jul: InfoSec Can Be Taxing, So Here’s a Taxonomy

25 May: Privacy and Security: What’s the Difference?

08 May: [VIDEO] Essential Steps to Strengthening Cybersecurity

24 Apr: Organizational Risk Management Is Not Just About Compliance

04 Apr: Cybersecurity Doesn’t Work Without Culture Change

21 Mar: [VIDEO] Too Many Organizations Overlook One of These Cybersecurity Building Blocks

Locations

Quick Links

Affiliations

Cookie Notice