6 Strategies to Help Reduce the Scope of Compliance
Limiting the scope of cybersecurity compliance requirements is a crucial strategy for organizations to manage costs, complexity, and risk effectively. Here are six strategies for maintaining the privacy and security of your sensitive data in a pragmatic way. Security by design: By observing security by design principles before implementing systems, organizations can significantly reduce cybersecurity […]
Vulnerability neutralized: Safeguarding Canadian Retail Against Cyber Threats PART TWO
In part two of a two-part series, we speak to Gerard Dunphy, ISA Cybersecurity’s Offering Leader – Detection, Response & Recovery, to share his insights on retail cybersecurity. Gerard is one of Canada’s foremost experts on managing cyber incidents and has been involved in the recovery efforts after some of the country’s highest-profile cyber attacks. […]
Using NIST CSF v2.0 as a Security Springboard
Normally, an update to a cybersecurity regulation or standard isn’t seen as a cause for celebration in many organizations. If your compliance goals are solely to meet regulatory requirements, then an update introduces new requirements. And that means more time, effort, and resources will be required. The NIST Cybersecurity Framework (CSF) is a bit different. […]
Vulnerability neutralized: Safeguarding Canadian Retail Against Cyber Threats
The doors are locked, the systems are down, and business has come to a halt – it’s the fear all Canadian retailers face. And when a cyber attack succeeds, we all feel the impact. Cybersecurity in the Canadian retail sector has again made headlines in recent weeks with the attack on London Drugs. But before […]
Implications of AI for Cyber Defense
The emergence of ChatGPT and other publicly-available generative artificial intelligence (GenAI) has ushered in a boom in interest, development, and adoption of AI. Many organizations are exploring how they can integrate AI into their business and the potential benefits that it could provide. (And frankly, those that haven’t, should be!) One of the potential applications […]
Why you should outsource your SIEM management today
Whether you are just starting to grow your organization’s security program, or are looking to optimize your current setup, outsourcing your Security Information and Event Management (SIEM) to a Managed Security Services Provider (MSSP) may be the right move for you. Why? Monitoring your own SIEM in your own SOC is a challenge. The majority of the […]
Comparing UK and Canadian Data Privacy Laws
Data privacy laws have grown much more numerous and powerful in recent years. The enactment of the General Data Protection Regulation (GDPR) in 2018 spurred many jurisdictions to create or update their own data privacy laws. In addition to the sheer number of laws, some of the biggest challenges for companies attempting to achieve compliance […]
Streamlining Cybersecurity: Benefits and Risks of Product and Service Consolidation
Tackling cybersecurity solution sprawl can be one of the toughest challenges you and your team face. There’s a dizzying array of choices out there – a recent analysis identified over 3700 cybersecurity vendors offering nearly 8200 products across 17 categories – so chances are that you are dealing with a lot of them. Let’s examine the […]
Establishing Cybersecurity ROI
Four Steps to Defining Cybersecurity ROI: Ever faced these chilling words from your boss or the board when proposing a cybersecurity investment: “What’s the ROI?” When trying to justify a new security tool or service, additional headcount, process change, or bigger budget, the topic of Return On Investment (ROI) will come up. It always does. […]