12 matches found
Mitigate or Fail: How Risk Management Shapes Cybersecurity Competency
Contemporary cybersecurity governance assumes that professionals apply risk reasoning. Yet major organisational failures persist despite investment in tools, staffing, and credentials. This study investigates the structural source of that paradox. Cybersecurity speaks the language of risk, but it...
Gamifying Cyber Governance: A Virtual Escape Room to Transform Cybersecurity Policy Education
Serious games are gaining popularity as effective teaching and learning tools, providing engaging, interactive, and practical experiences for students. Gamified learning experiences, such as virtual escape rooms, have emerged as powerful tools in bridging theory and practice, fostering deeper...
Data Protection and Corporate Reputation Management in the Digital Era
This paper analyzes the relationship between cybersecurity management, data protection, and corporate reputation in the context of digital transformation. The study examines how organizations implement strategies and tools to mitigate cyber risks, comply with regulatory requirements, and maintain...
Leveraging Digital Twin-As-A-Service Towards Continuous and Automated Cybersecurity Certification
Traditional risk assessments rely on manual audits and system scans, often causing operational disruptions and leaving security gaps. To address these challenges, this work presents Security Digital Twin-as-a-Service SDT-aaS, a novel approach that leverages Digital Twin DT technology for automate...
Meet the Deputy CISOs who help shape Microsoft’s approach to cybersecurity: Part 3
Microsoft launched its Cybersecurity Governance Council in 2024, and with it, named a group of deputy chief information security officers that ensure comprehensive oversight of the company’s cybersecurity risk, defense, and compliance. These leaders work in tandem with product and engineering...
Meet the Deputy CISOs who help shape Microsoft’s approach to cybersecurity: Part 2
Microsoft launched its Cybersecurity Governance Council in 2024, and with it, named a group of deputy chief information security officers that ensure comprehensive oversight of the company’s cybersecurity risk, defense, and compliance. These leaders work in tandem with product and engineering...
Meet the Deputy CISOs who help shape Microsoft’s approach to cybersecurity: Part 2
Microsoft launched its Cybersecurity Governance Council in 2024, and with it, named a group of deputy chief information security officers that ensure comprehensive oversight of the company’s cybersecurity risk, defense, and compliance. These leaders work in tandem with product and engineering...
4-Step Approach to Mapping and Securing Your Organization's Most Critical Assets
You're probably familiar with the term "critical assets". These are the technology assets within your company's IT infrastructure that are essential to the functioning of your organization. If anything happens to these assets, such as application servers, databases, or privileged identities, the...
The winding road to compliance
“Here are the keys. Buy milk and bread. Drive safely.” These are important instructions for a new driver tasked with running an errand. But unless the driver knows where they are going, a bit of guidance on how to get to the store can only help. Without it, the driver may complete the errand...
A week in security (December 14 – December 20)
Last week on Malwarebytes Labs we kept you updated on the SolarWinds attack, we warned about the special dangers that come with the Christmas season, published a threat profile for the Egregor ransomware, warned how a lead generation scam was targeting potential Malwarebytes MSP partners, and...
NCSC-NZ Releases Cyber Governance Resource for Leaders
The New Zealand National Cyber Security Centre NCSC-NZ has released an article on a new cybersecurity governance resource to support public and private sector leaders in making decisions about their cybersecurity resilience and risk. NCSC-NZ developed this governance—a series of documents with...
The Value of Governance in Minimizing Cybersecurity Incidents
Part Two of a Three Part Series Since Equifaxs September 15th statement about their well-publicized, broadly discussed major security incident, Coalfire has fielded multiple inquiries from clients who are wondering if such an incident could happen to them, and if there is anything that they can d...