Access your Pro+ Content below.
One security framework may be key to cyber effectiveness
This article is part of the Information Security issue of May 2020, Vol. 21, No. 2
The risks associated with ineffective security can be dire, but one expert believes there's a security framework that stands above the rest in enabling effective cybersecurity processes for enterprises. SearchSecurity spoke with Adam Isles -- principal at The Chertoff Group, a security and risk management advisory firm based in Washington, D.C. -- about the top security risk trends for 2020, including an expectation that customers and business partners will demand better measurements for the effectiveness of cybersecurity processes and tools. While many security frameworks are considered good starting points, they aren't the most effective options for mitigating risk, Isles said, adding that enterprises would benefit from using the Mitre ATT&CK framework, as well as by joining an Information Sharing and Analysis Organization (ISAO) or Information Technology Information Sharing and Analysis Center (IT-ISAC). Editor's note: This interview has been lightly edited for length and clarity. The Chertoff Group's 2020 Security Risk ...
Access this PRO+ Content for Free!
Features in this issue
Companies now face sophisticated enemies using AI and machine learning tools for their attacks. It's a world of new dangers for those defending network systems and data.
Hackers will always try to creep in, and many will succeed. That's why effective detection and mitigation are essential. How are enterprises faring?
News in this issue
How to battle well-funded, technologically sophisticated threats and ensure high-quality network performance? CISOs need a plan to meet network challenges now and in the future.
Columns in this issue
The Mitre ATT&CK security framework could best enable effective cybersecurity, according to The Chertoff Group, as could joining information sharing and analysis organizations.
Even though organizations face threats coming from many sources, one type of cyberattack should be top of mind for CISOs: those backed by nation-states. Here's why.