From Security Weekly WikiJump to navigationJump to search
- Burnt out CISOs are a huge cyber risk - Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security pros manage their increased workload, safeguard their mental wellbeing, and avoid burnout?
- To Build Strategy, Start with the Future - Mark Johnson, cofounder of the consulting firm Innosight, says that too many managers develop strategy while focusing on problems in the present, and that’s especially true during a crisis. Instead, he argues, leaders should imagine the future and work backward, so they can build their organization for that new reality.
- The problem with PowerPoint - Walking through slides doesn’t work. Here's a few tips to make your presentations better:
- Think about your story
- Send people a memo
- Know when and how to show visuals
- Own the room
- Challenging the Boss - Do you fear speaking frankly with your supervisor? Dear HBR talks through what to do when your boss micromanages your output, you want to set boundaries for better work-life balance, or your new supervisor is eagerly volunteering your team for too many projects.
- 78% of Organizations Use More than 50 Cybersecurity Products to Address Security Issues - According to the third-annual Oracle and KPMG Cloud Threat Report 2020,a survey of 750 cybersecurity and IT professionals across the globe found that a patchwork approach to data security, misconfigured services, and confusion around new cloud security models has created a crisis of confidence. Key finding include:
- 75 percent of IT professionals view the public cloud as more secure than their own data centers
- 78 percent of organizations use more than 50 discrete cybersecurity products to address security issues; 37 percent use more than 100 cybersecurity products
- 59 percent of organizations shared that employees with privileged cloud accounts have had those credentials compromised by a spear phishing attack
- Based on the results of the study, the most common types of misconfigurations are:
- Over-privileged accounts (37 percent)
- Exposed web servers and other types of server workloads (35 percent)
- Lack of multi-factor authentication for access to key services (33 percent)
- COVID-19 pandemic accelerates transformation in enterprise security - Organizations must retool their policies and invest in security programs to acclimate to a post-COVID-19 business landscape. The proliferation of cloud environments and the related expanded use of external partners means there will be an even sharper focus on disciplines such as IT governance and vendor management for the foreseeable future.