Cybersecurity Team | Breaking Cybersecurity News | The Hacker News

In the world of insurance providers and policies, cyber insurance is a fairly new field. And many security teams are trying to wrap their heads around it.  What is it and do they need it? And with what time will they spend researching how to integrate cyber insurance into their strategy?  For small security teams, this is particularly challenging as they contend with limited resources. Luckily, there's a  new eBook  dedicated to helping small security teams better understand cyber insurance policies and how they may impact an organization's cybersecurity measures. Background In 1997, the "Internet Security Liability" (ISL) insurance policy was launched at the International Risk Insurance Management Society's convention in Honolulu. Underwritten by AIG, ISL insurance was designed to protect ecommerce retailers like Amazon that were collecting sensitive customer data and storing it on internal networks. It is credited as one of the very first cyber insurance policies to be made ava

What on earth were they thinking? That's what we – and other security experts – were wondering when content giant Patreon recently dismissed its entire internal cybersecurity team in exchange for outsourced services. Of course, we don't know the true motivations for this move. But, as outsiders looking in, we can guess the cybersecurity implications of the decision would be inescapable for any organization. Fire the internal team and you take a huge risk Patreon is a content-creator site that handles billions of dollars in revenue. For reasons unknown to us, Patreon fired not just a couple of staff members or someone in middle management. No: the company fired its entire security team.  It's a big decision with significant consequences because it results in an incalculable loss of organizational knowledge. At the technical level, it's a loss of soft knowledge around deep system interdependencies that internal security experts will just "know" about and ac

As a vCISO, you are responsible for your client's cybersecurity strategy and risk governance. This incorporates multiple disciplines, from research to execution to reporting. Recently, we published a comprehensive playbook for vCISOs, "Your First 100 Days as a vCISO – 5 Steps to Success" , which covers all the phases entailed in launching a successful vCISO engagement, along with recommended actions to take, and step-by-step examples.  Following the success of the playbook and the requests that have come in from the MSP/MSSP community, we decided to drill down into specific parts of vCISO reporting and provide more color and examples. In this article, we focus on how to create compelling narratives within a report, which has a significant impact on the overall MSP/MSSP value proposition.  This article brings the highlights of a recent guided workshop we held, covering what makes a successful report and how it can be used to enhance engagement with your cyber security clients.