The final version of the National Institute of Standard and Technology (NIST)’s Special Publication (SP) 800-53 Revision 5 is on the horizon for 2019. What does the initial public draft tell us about what we can expect in its final version? Even more importantly, what does it mean for organizations…
Read More
X-Force Red is an autonomous team of veteran hackers within IBM Security that is hired to break into organizations and uncover risky vulnerabilities that criminal attackers may use for personal gain. Our team recently unveiled new statistics collected from its penetration testing engagements. One statistic that stood out, although not…
Read More
Cyber risks have been a top concern of global leaders for a while now, with cyberattacks appearing four times as a top-five risk by likelihood in the past decade. This year, leaders ranked two technological risks in the top 10 by impact: cyberattacks in seventh place and critical information infrastructure…
Read More
How you respond to a data breach matters. In today’s world, most companies have documented policies and technologies that can help prepare them for grappling with a cyber intruder, but in many cases those tactics are insufficient — focusing more on answering questions about the incident itself and less about…
Read More