In the news
Who are BISOs and what do they bring to the cybersecurity table?
Steve Durbin, ISF Chief Executive, shares his thoughts on why organisations need a BISO and what traits are ideally suited for the role.
The Impact of Technology Failures on Business Resilience
Steve Durbin, ISF CEO, shares 5 important factors to consider when trying to mitigate and counterbalance the business impact of technology failures.
Strategies for Security Leaders: Building a positive cybersecurity culture
ISF CEO Steve Durbin shares his best practices on how security leaders can develop a positive brand and culture for cyber security.
Striking a Balance Between Business Growth, Risk Management, and Cybersecurity
Featured in Security Boulevard, ISF CEO Steve Durbin shares recommendations on how to balance business growth with risk management.
The 6 Elements Defining a Valid Cybersecurity Strategy
Featured in Forbes, ISF CEO Steve Durbin explains how you can maximise value from existing cybersecurity investments to inform strategy.
EXPERT OPINION: Resilient by design is the way forward
ISF Head of Research Paul Holland outlines the essential steps to ensure your organisation is well-positioned for cyber resilience.
From Cartels to Crypto: Trends Show Disruptive Cybercrime Evolving Rapidly
ISF CEO Steve Durbin explains why the rise of cybercrime-as-a-service, amongst other trends, is lowering entry barriers for criminals.
EXPERT OPINION: It'll never happen to us
ISF Head of Tools & Methodologies Alex Jordan shares his expert opinion on managing extinction level risks associated with suppliers.
EXPERT OPINION: Social Engineering Attacks: Understanding OSINT to mitigate risk
Over the last decade, OSINT (open-source intelligence) became a buzzword across many industries and lines…
5 recommendations for acing the SEC cyber security rule
SEC risk management and disclosure rules can be fraught with difficulties. Steve Durbin, chief executive of the ISF, offers advice for coping.
EXPERT OPINION: If we fail to prepare, we prepare to fail
ISF Head of Research Paul Holland shares his expert opinion on incident preparedness and overcoming extinction level attacks.
EXPERT OPINION: The bigger they are, the harder we will all fall
"It’ll never happen to us." Most security and risk practitioners have faced this argument at…
Readying Your Company For The New SEC Cyber Incident Disclosure And Risk Management Rules
Featured in Forbes, ISF CEO Steve Durbin breaks down the SEC material incident disclosure and enhanced governance requirements.
Generative AI vs. Predictive AI: A Cybersecurity Perspective
Featured in Security Boulevard, ISF CEO Steve Durbin underscores how organisations can find value in predictive and GenAI implementation.
ISF: Your first line of defence
Interviewed by The European, ISF CEO Steve Durbin shares the ISF perspective on implementing an effective cyber strategy.
The Core Elements of a Cybersecurity Posture
ISF CEO Steve Durbin shares seven core elements that can lay the groundwork for a healthy cybersecurity posture.
Key Takeaways from the British Library Cyberattack
Featured in Dark Reading, ISF CEO Steve Durbin shares key takeaways from the event, with guidance on practicing good information governance.
The New Security Leader: Less Techy, More Business-Savvy
ISF Distinguished Analyst, Paul Watts features in InfoRisk Today to share his perspectives on balancing cyber risk and business goals.
Urgently needed: AI governance in cyber warfare
Featured in Help Net Security magazine, ISF CEO Steve Durbin outlines the importance of aligning AI's ethics with society’s fundamental values.
Weaponized Disinformation Threatens Democratic Values
Steve Durbin, ISF CEO, shares insights into the looming AI-security threats from his interview with Brian Lord, CEO of Protection Group International.
#Infosec2024: Cyber Resilience Means Being Willing to Learn From a Crisis
Featured in Infosecurity Magazine, Distinguished ISF Analyst Paul Watts shares his views on resilience and effective cyber crisis management.
5 key elements of cyber simulation exercises to boost cyber resilience
Steve Durbin, ISF CEO, shares five key elements required to design cyber simulation exercises aimed at enhancing cyber resilience.
The Risks And Rewards Of AI: Strategies For Mitigation And Containment
ISF CEO Steve Durbin explores the major risks AI poses for today and for the future, and how we can address and mitigate these threats.
Five ways security leaders can demonstrate the business value of cybersecurity
Steve Durbin, ISF CEO, shares five best practices on how security leaders can justify the business value of cybersecurity and improve alignment with business goals.
Business Risk Preparation: The Interlocked World Of Technology, Geopolitics, Regulations And Cybersecurity
ISF CEO Steve Durbin features in Forbes to share some of the top risks organisations need to be prepared for: the impact of geopolitics on supply chains, the environmental challenges of quantum computing and more.
How to design and deliver an effective cybersecurity exercise
ISF CEO Steve Durbin featured in Help Net Security to share his insights on how to design and develop an effective cyber simulation exercise.
Geopolitical Conflicts: 5 ways to cushion the blow
ISF CEO Steve Durbin featured in Dark Reading to provide guidance on 5 key areas security leaders must navigate to cushion the blow of geopolitical conflicts.
Risky Business: 6 steps to assessing cyber risks for the enterprise
Steve Durbin featured in CSO Online, sharing his six steps on how organisations can create risk assessment plans to anticipate future threats.
ISF Resources to Support the NIST Cybersecurity Framework 2.0
Discover what the latest updates to the NIST CSF mean for your organisation as Head of Tools at the ISF, Alex Jordan, provides his thoughts.
Six Steps to Help Leaders Achieve A Good Standard Of Cybersecurity
ISF Chief Executive Steve Durbin features in Forbes to outline six essential steps for security leaders to enhance their cyber readiness.
Why data, AI, and regulations top the threat list for 2024
ISF Chief Executive Steve Durbin features in Help Net Security to address three cyber security hurdles in 2024: Data, AI and Regulation.
What does the SEC indictment of SolarWinds mean for security leadership?
Paul Watts, Distinguished Analyst at the ISF, explores what the SEC indictment of SolarWinds means for security leadership.
EU Tightens Cyber Security Requirements for Critical Infrastructure and Services
Organizations in "essential" sectors have until October 2024 to comply with the Network and Information…
Five Ways Security Teams Can Strengthen Business Relationships
Recent global events such as the pandemic have allowed security leaders to showcase the potential…
Navigating Security, Business Continuity, Through a Downturn
With inflationary pressures mounting and downturn fears hovering, it’s natural for organizations to scale back on their overall…
Five Ways Enterprises Can Boost Incident Preparedness
Security is not a primary area of expertise for most organizations so preparedness may fall…
The Hidden Risks of Industrial Control System manufacturers: Why ICS Environments are Vulnerable
Industrial control systems (ICS) such as programmable logic controllers, distributed controls systems, SCADA systems, and operational…
Four Data Security Challenges Set to Impact Organisations in the Coming Years
Data is the most durable, limitless commodity driving future economies and offering fresh insights for…
10 principles to ensure strong cybersecurity in agile development
The agile project management philosophy values speed, collaboration, communication, and interaction. Here are some best…
The Future Of Work Is Remote: How Organizations Can Prepare For Security Challenges
The fourth industrial revolution is here, and new technologies have the potential to change how…
Building the cyber security workforce of today
Cyber security staffing shortages are being driven by issues such as burnout, a lack of…
Eight Steps in Managing Cyber Risk Through A Downturn
I predict that for cybersecurity leaders, 2023 will not be an easy year. On the…
Hack on Japanese Port Shows How Compromised Operational Technology Can Have a Widespread Impact
Paul Holland shares his thoughts on protecting and securing the integrity and confidentiality of information within OT environments.
How organizations can navigate geopolitical and cyber risks in an interconnected world
Globalization and hyperconnectivity have made the world more interconnected and interdependent than ever before. The…
Security Middle East Conference: Chairperson’s key takeaways
The inaugural Security Middle East Conference was a major success for the security community. Over…
Walking the Tightrope: Navigating the risks and rewards of AI
Steve Durbin contributes to InformationWeek to chart the course for the responsible use of artificial intelligence.
Infosecurity Europe: Cyber Security Industry Still Fighting to Recruit and Retain Talent
Cybersecurity teams are struggling to find the right talent, with the right skills, and to…
Why Organisations Should Adopt a Cloud Security Framework
Steve Durbin outlines how choosing the right cloud cyber security framework can strengthen resilience across your entire cloud supply chain.
COSMICENERGY: A new threat to OT
Paul Holland provides insight into a possible new threat to operational technology environments, specifically those in the energy sector.
Navigating Supplier Risk Challenges to Shore Up Cyber Defences
Steve Durbin delves into the key challenges organisations should address in building resilience against supply chain risks.
Four Risks and Challenges of AI Democratisation for Businesses
Steve Durbin discusses the potential risks and challenges organisations could face as they increasingly build, use or rely on AI technologies.
Saudi Vision 2030: Digital challenges and opportunities
Dan Norman, Regional Director, EMEA for the ISF, looks at the challenges and opportunities Saudi…
Top Risks and Best Practices for Securely Offboarding Employees
Outgoing employees pose significant security risks to organizations. Here are some of the major issues…
Invest in Developing a Human-Centred Security Program
Steve Durbin explores steps to developing a human-centred security program that engages your workforce to better protect your organisation.
Five Cybersecurity Trends for the Middle East in 2023
Dan Norman predicts cybersecurity trends that are set to accelerate for the Middle East in 2023.
Achieving The Five Levels Of Information Security Governance
Steve Durbin offers advice on what strategies can be taken to make information security better connected to organisational goals and strategy.
Six Principles for Building Engaged Security Governance
Steve Durbin features in TechTarget to offer insight into engaged governance and the six principles that organisations should implement.
Security and the Business: It's good to talk
Paul Watts explores the shifting nature of business, the role of the security leader, and the impact of not aligning to each other’s goals.
Measuring Cyber Security: The what, why and how
Steve Durbin explores the ways security teams can best measure, analyse and report cyber security threats and performance.
Navigating the Politics of Measuring Security
Richard Absalom explores the soft skills needed to navigate boardroom politics, ensuring measurements support decisions and drive action.
Build Cyber Resiliency With These Security Threat-Mitigation Considerations
Steve Durbin offers insight into how organisations can get on the path to developing a coherent security strategy.
It Pays to Know How Your Cybersecurity Stacks Up
Paul Watts, Distinguished Analyst for the ISF featured in Tanium magazine to share his thoughts on how security professionals can demonstrate value by adopting a shift-left mentality – a proactive stance for security that allows companies to become more agile and able to innovate.
Four Cyber Risk Trends to Watch in 2023 and How Businesses Can Mitigate Them
With cyber security becoming riskier, costlier and more complicated, Steve Durbin explores four key challenges to look out for in 2023.
Six Steps to Better Counter Supply Chain Risks
As vendor risk emerges as a top security priority, Steve Durbin provides tips you can adopt today to better manage your supply chains.
Five Top Qualities You Need to Become a Next-Gen CISO
Steve offers actionable guidelines to building and maintaining the skills and relationships that can take security leaders to the next level.
Threat Intelligence: Establishing a stream of trustworthy data
Dan Norman explores how you can create a steady stream of meaningful data that is actually relevant to your organisation.
Security Think Tank: To stop ransomware, preparation is the best medicine
Paul Watts details what you should be focussing on when thinking about business resiliency in the context of ransomware.
How Cyber Threat Intelligence Provides Security and Value to Business
Steve Durbin offers his thoughts on how enterprises can make the most out of threat intelligence for smarter security.
Best Practices to Help Strengthen Your Company's Security Culture
Human behaviour is one of the biggest challenges faced by security practitioners, leaders and cyber risk managers today.
Seven Practical Considerations for Effective Threat Intelligence
A background to the current state of threat intelligence, and practical guidance for security teams at all stages of its implementation.
Solve ICS Security Issues with ICS and IT Team Convergence
Threat actors are predicted to weaponise industrial control systems in order to harm or kill humans by 2025 - how should you prepare?
The Threat of Deepfakes and Their Security Implications
Steve Durbin discusses the cyber best practices and security controls you should be implementing now to mitigate the threat of deepfakes.
Securing Industrial Control Systems: The What, Why and How
Steve Durbin featured in Forbes to shed light on the best practices you should consider to better protect ICS environments.
How the Responsible Use of AI Can Create Safer Online Spaces
Steve Durbin offers recommendations for organisations to mitigate the potential risks and manage the ethical adoption of AI.
Organisations Cannot Prosper Without Trust: Five ways to boost trust with cyber security
Steve Durbin offers advice on how you can prevent the dilution of enterprise value and trust in the eyes of your stakeholders.
Five Trends Making Cyber Security Threats Riskier and More Expensive
As risks increase with the world becoming more digital, regulated, and interconnected, Steve Durbin offers steps to reduce their impact.
Cyber Insurance: An effective use of your scant security budget?
Paul Watts questions whether cyber insurance is a must-have item, an expensive luxury, or the emperor’s new clothes.
Three Cyber Threats Resulting from Today's Technology Choices to Hit Businesses by 2024
Steve Durbin features in Dark Reading to discuss three major cyber threats that could result from today's hasty technology decisions.
Security Think Tank: Balanced approach can detangle supply chain complexity
Francesca Williamson shares insight on how you can detangle the complexities of the supply chain and create better security practices.
Three Threats Dirty Data Poses to the Enterprise
Steve Durbin discusses three dirty data cyber security concerns, and how organisations can protect themselves against these emerging threats.
Ignoring Cyber Security Can Sour M&A Deals
Steve Durbin featured in Forbes to highlight key cyber security dimensions to consider when entering the merger and acquisition process.
Six Steps to Validate Cyber Incident Response Plans in Times of Conflict
Steve Durbin features in the World Economic Forum, offering points to consider when evaluating cyber incident response capabilities.
Five Ways to Secure the Supply Chain in Times of Conflict
Steve explains the five steps organisations can take to help mitigate potential threats against the supply chain and be better armed.
Three Unintended Consequences of Well-Intentioned Cyber Regulations
Steve explains how you can prepare against unintended consequences of cyber regulations, no matter how well-intentioned they might be.
What's Zero Trust, and What's Driving Its Adoption?
Steve Durbin deconstructs Zero Trust; explaining how it works, what the common misconceptions are, and what to consider before implementation.
7 Steps to Combat Cybersecurity Threats in Times of Instability
Steve Durbin outlines steps organisations and security teams can use to understand and prepare for potential threats in times of instability.
How Cybersecurity Leaders Can Add Value to M&A Deals
Steve Durbin offers advice on the M&A process: how you can mitigate risk and highlight to leadership the value of information security.
World's Largest Cybersecurity Benchmarking Study Finds that Top Executives Believe their Organizations are Not Prepared for New Era of Risk
ThoughtLab's press release for their study, providing evidence-based insights into the most effective cybersecurity practices and investments.
Cyber Risks for the Emerging 5G Era
Steve Durbin expands upon the risks, not only to individuals and businesses, but also to nations as 5G technologies transform communications.
Five Proactive Steps CISOs Can Take During Times of Instability
Steve Durbin outlines how CISOs can shift from being reactive to proactive, improving the overall resilience of their organisation.
5 Levers Lawmakers Can Use to Tackle Cybercrime
Steve Durbin breaks down each element of the cybersecurity framework presented in the recently released report led by the ISF with CC-Driver.
The Importance of Effective Cyber Risk Management
Dan Norman looks at what needs to be considered when evaluating the risks involved in an organisation’s security strategy.
Revised Scope of UK Security Strategy Reflects Digitised Society
The omission of the word ‘security’ from the title of the UK government’s new National Cyber Strategy is a telling one.
Four Major Cyber Risks in an Era of Tech Dominance
Read as Steve explores the technological risks that may lead to crises in the next decade in his latest article for Forbes.
Security Think Tank: Good training is all about context
Emma Bickerstaffe explores what makes a good security training programme and questions buyers should ask when procuring training as a service.
Positively Influencing Security Behaviour
Daniel Norman, ISF Senior Solutions Analyst, takes a closer look at 'Human-Centred Security' and how to achieve it.
How to Secure a Smart City
Dan Norman discusses the security challenges ahead with the continued shift to smart cities becoming an attractive target for cyber attackers.
Confronting Pervasive Cyber Threats for 2022 and Beyond
Discussing key pervasive cyber threats for 2022, Steve Durbin's recent Forbes article presents a strong foundation for security teams.
The Six Best Practices to Prevent Ransomware Infection
Read Steve Durbin's latest article addressing the most common ransomware attack techniques whilst offering guidance on their prevention.
10 Cognitive Biases that can Derail Cybersecurity Programs
Read Steve Durbin's latest article highlighting the impact of the unconscious mind upon cybersecurity vulnerabilities.
Is the IT Sector Beset by Fear-Mongering?
Paul Watts features in this Computer Weekly article aimed at helping security professionals lead with knowledge, rather than react with fear.
Security Think Tank: Reframing CISO-boardroom relations
Read Emma Bickerstaffe's latest article for Computer Weekly as she offers CISOs food for thought following the pandemic.
"log4j 2" - a perfect way to ruin a security professional's weekend
By now Members will be very familiar with the concern around the 'log4j 2' remote code execution vulnerability, also known as 'Log4Shell', in Apache's Java-based logging library. This vulnerability is filed as CVE-2021-44228 in the NIST National Vulnerability Database.
Zero Trust: Five Misconceptions Every Business Should Avoid
Cybercrime is a major threat to every industry and organization in the world. No wonder global entities are desperately seeking a silver bullet that can somehow neutralize cybersecurity threats.
Dissecting the true value of SASE is a challenge
As a relatively nascent technology that is getting a lot of publicity, dissecting the true…
Maritime Cyber Security: A Global Challenge Tackled through Distinct Regional Approaches
Maritime cyber security is an emerging issue that requires immediate attention, according to the International Maritime Organization (IMO). Feedback received from global shipping professionals indicates that a common threat to the industry, such as cyber security, is dealt with differently among industry practitioners around the globe.
Why Does Ransomware Still Work?
Paul Watts, Distinguished Analyst, writes for Computer Weekly on how ransomware has managed to retain its high profile in cybercrime.
Zero Trust: An Answer to the Ransomware Menace?
By Steve Durbin, Chief Executive of the ISF. Zero trust isn't a silver bullet, but…
Federal Cybersecurity Directive Spotlights Aging Computer Systems
Chronis Kapalidis, Principal at the ISF featured in WSJ. Many of the cybersecurity gaps outlined…
Is cyber insurance a worthwhile investment?
Here are five questions to help determine if your company needs cyber coverage. The cyber…
Understanding And Responding To Ransomware Threats
To pay or not to pay? Notwithstanding the ethical and emerging federal legal liability issues…
Demystifying zero trust and how it helps with ransomware
Zero trust is a strategy organisations will need to look at implementing in the same…
Prepare, respond, resume
Dan Norman, senior solutions analyst at the Information Security Forum, guides us through the key…
Embracing vulnerability management for the greater good
It is important to recognise that although setting out a policy and process for RD…
The next wave of cyberattacks will have 5G to thank
Given the high stakes, security should be at the forefront of 5G rollout plans At…
Giant Group cyber attack prompts renewed calls for statutory regulation of umbrella companies
The speed of the outage and the protracted nature of the recovery bears all of…
Artificial Intelligence: The Future Of Cybersecurity?
The number of devices and associated challenges are far too many. IIoT devices possess limited…
A response to planned data protection changes
As the UK chases a Brexit dividend to open up non-EU markets to UK businesses…
An Effective Supply Chain Starts With Security
For more advanced, sophisticated supply chains, it’s about continually going back over it to increase…
How criminals use artificial intelligence to fuel cyber-attacks
AI systems and can be entrenched by programmers or specific data sets. Unfortunately, if this…
What CISOs need to know about Wi-Fi 6E
Until now, there were limitations on some of the heavier network related devices like virtual…
What are the risks associated with personal, unsanctioned apps on corporate devices and why?
From a security perspective, what are the personal apps/app types that you think CISOs should…
Commercial Shipping Is the Next Cybersecurity Challenge
there is a misbelief that ships are not vulnerable to cyber incidents, leading to an…
Are 5G Networks Setting The Stage For A New Wave Of Cyberattacks?
...the sheer volume and velocity of 5G networks, combined with the complex infrastructure and heavy…
The transport threat
Ransomware will proliferate over the coming years, with attackers locking individuals into, or out of,…
Adapting InfoSec for Container Security
Containerization has effectively become the new normal for expediting app delivery and improvements; security concerns…
NCSC head champions UK-Israeli cyber relationship amid spyware accusations
Organisations often have the best of intentions when creating some of these types of software,…
A return to the office is not a return to normal
Perhaps the biggest change that CISOs need to accept is that hybrid working is how…
The Trouble With Automated Cybersecurity Defenses
Speed and accuracy in identifying and responding to threats are the alluring promises of automated…
Questions To Ask To Help You Prepare For A Cyberattack
Develop a holistic backup strategy that covers all systems and core infrastructure services. Steve Durbin,…
Top 5 cybersecurity challenges in the hybrid office
The pandemic has caused a tectonic shift in how we live and work. Many companies…
How a Security Architecture Can Keep Your Organization Upright Amid Future Upheaval
By Steve Durbin, Chief Executive of the ISF As organizations claw their way back from…
Time to accept printers will leak data
Though rarely discussed in a cyber context, the prevalence of connected printers and MFPs poses…
Designing and Building a Security Architecture
Ultimately, a well-designed security architecture will enhance understanding, simplify decision-making, improve efficiency and contain costs.…
Watch this space
Satellites support so much of our business infrastructure, but being in space doesn't make them…
Ransomware Is Everywhere — Here’s What You Need To Consider
Steve Durbin is Chief Executive of Information Security Forum. He is a frequent speaker on the…
What the FLoC? Everything you need to know about Google’s new ad tech that aims to replace third-party cookies
First party cookies are really useful. For instance, they mean you don’t have to log…
The case for vaccine passports: the real world versus the digital world
Distinguished Analyst Andy Jones and Senior Analyst Alex Jordan, both of the ISF, take opposing…
Threat Horizon 2023: Four Evolving Threats That Should Be On Your Radar
The mass migration of people out of the workplace and into the home prompted a sharp rise in cybersecurity incidents.
The Challenge Of Continuous Assurance For Supply Chains
Building resilience and agility into a supply chain to cope with fluctuations in demand and meet business goals is a major challenge.
6 Tips for Managing Operational Risk in a Downturn
By Steve Durbin, Chief Executive of the ISF Coping with heightened operational risk during a…
How Cyber Security Criminals Exploit the 'Accidental Insider'
In the first of his regular new information security columns for Security Middle East, Daniel…
Eurasia Risks 2021 - Global Cyber Crisis
The first nation state to develop technologies such as AI, 5G, robotics and quantum computing…
Eurasia Risks 2021 - Digital Totalitarianism
Highly connected ecosystems of digital devices will enable the harvest, repurpose and sale of sensitive…
The new reality of a world online
Interview with Steve Durbin, Chief Executive of the ISF and The European The combination of…
How To Develop A Human-Centered Security Program
While many organizations have a security awareness training program in place, few trigger real behavior change or...
How Retailers Can Tackle Supply Chain Data Risk
By Steve Durbin, Chief Executive of the ISF Make security a core consideration in procurement…
Technology Is Just A Tool: Why People Are The Heart Of Everything We Do In Business
The idea that technology can solve all our problems is seductive. It seems like every product vendor claims to...
Security Think Tank: Towards a united state of security
By Jordon Kelly, Research Analyst at the ISF Of his new national security appointments, president…
Three Steps to Securing Supply Chains Under Pressure
By Steve Durbin, Chief Executive of the ISF You need to establish continuous monitoring across…
Eight Cyber Challenges In An Uncertain World
With the pandemic precipitating a health crisis that continues to threaten the global economy and the real possibility of a...
Six Ways A Good Leader Can Become A Great Leader
Many people can become good leaders. After all, you can learn how to communicate and how to be a better listener; you can...
Cybercrime to Scale New Heights in 2021: What Can You do About it?
By Steve Durbin, Chief Executive of the ISF With the pandemic precipitating a rapid acceleration…
Words of advice for President Biden’s new CISO
By Steve Durbin, Chief Executive of the ISF Cybersecurity should sit at the core of…
Security Think Tank: Time to rethink stopgap solutions
By Paul Holland, Principal Research Analyst at the ISF Home working assumes a certain level…
Look for GDPR fines to increase, extend beyond breaches
organizations should in particular note the extent of fines levied by regulators for infringements that…
Five Threat Vectors Destined To Make Waves In 2021
By Steve Durbin, CEO of the Information Security Forum, and Forbes Business Council Member Building…
New Year’s Resolutions for the Board in 2021
By Steve Durbin, CEO of the ISF Maturing your organization’s ability to detect intrusions quickly…
AI’s Two Achilles’ Heels Keep Me Up at Night
All the social techniques cybercriminals currently employ could be improved immeasurably with the help of…
Where to Focus Security Resources Mid- and Post-Pandemic
By Steve Durbin, CEO of the ISF Business leaders will inevitably need to make difficult…
Cybersecurity Must Be the Top Priority for the Board in 2021
By Steve Durbin, CEO of the ISF Leading the enterprise to a position of readiness,…
10 Benefits of Running Cybersecurity Exercises
By Steve Durbin, Managing Director of the ISF. There may be no better way to…
2020 Work-for-Home Shift: What We Learned
One area that organizations need to deal with is the rise of the insider threat,…
Privacy 2020: From Prepared to Alarmed, the Year the Rubber Hit the Road
With 2020 coming to a close, SC Media is delivering through a series of articles…
Cybersecurity in 2021: 5 Trends Security Pros Need to Know
The insider threat is one of the greatest drivers of security risks that organizations face…
ISF Proposal for “Human-Centered Security” Focuses Security Awareness on People’s Interactions With Technology
How can security keep pace with a cyber threat landscape that rapidly becomes more sophisticated…
Practical tips and advice for personal IoT security
By Daniel Norman, Senior Solutions Analyst at the ISF A large portion of IoT-related breaches…
Top Global Security Threats Organizations Will Face in 2021
Attackers will continue to be presented with the tools and opportunities to target and exploit…
Ransomware attacks target backup systems, compromising the company ‘insurance policy’
The success of ransomware is reliant on whether or not the target organization has patched…
Eight Steps To Building A Human-Centered Security Culture
By Steve Durbin, Managing Director, Information Security Forum, and Forbes Business Council Member Ransomware, phishing,…
Conti Gang Hits IoT Chipmaker Advantech with $14M Ransom Demand
Payment of a ransom is also a contentious discussion – in many cases the ransom…
New Information Security Forum Research Explores Human-Centered Security
Technology and processes should complement behavior, not add friction and impede productivity... Steve Durbin, Managing…
Websites Requiring Security Software Downloads Opened Door to Supply Chain Attack
I, for one, am wary if a website asks me, unprompted, to download anything. It…
CISA Warns Public About Online Holiday Shopping Scams
Also, beware of email “offers” from companies you don’t recognize and even those that you…
Changing Employee Security Behavior Takes More Than Simple Awareness
A human-centered security program helps organizations to understand their people and carefully craft initiatives that…
Why Security Awareness Training Should Be Backed by Security by Design
As a starting point, an individual will always choose to be productive in their current…
Information Security Forum Research Dives Into the Need for Human-Centered Security
A typical strategy should aim to reduce the number of security incidents and improve the…
Information Security Forum Addresses Global Security Issues at 31st Annual World Congress
The Information Security Forum (ISF), the trusted source that senior security professionals and board members…
Human-Centred Approach is Key to Better Security
Errors and acts of negligence can cause significant financial and reputational damage to an organization,…
Organizations Should Use Psychology to Promote Secure Behavior Among Staff
Errors and acts of negligence can cause significant financial and reputational damage to an organization...…
Qbot Banking Trojan Now Deploying Egregor Ransomware
Organizations should have an incident response or crisis management plan for ransomware events, knowing who…
Cybersecurity Workforce Study Needs to be Taken with a Pinch of Salt
Apprenticeships, on the job learning, backed up with support training packages are the way to…
Remote Work in 2021: Cybersecurity Grows in Importance
The global COVID-19 pandemic has forced digital change on organizations at high speed and certainly…
Apple to Deliver ‘Privacy Labels’ for Apps, Revealing Data-Sharing Details
Just as consumers now automatically accept cookies and agree to privacy policies, they may also…
CISA: Ransomware Activity Targeting the Healthcare and Public Health Sector
Privacy should also be a high priority for anyone handling sensitive information, considering the shift…
Imminent Cyberthreat Could Disrupt Hundreds of US Healthcare Systems
Basic cyber hygiene standards need to be met, covering patching and updates, network segmentation, network…
6 Cybersecurity Lessons From 2020
The [pandemic] accelerated and concentrated forces, such as the move to remote working and adoption…
Skills Shortage Rains on Cloud Advances
Cross training within an organization is a good method of closing the skills gap by…
FBI: Hospitals and Healthcare Providers Face Imminent Ransomware Threat
The healthcare services have an outdated approach to security awareness, education, and training... Daniel Norman,…