Sage Advice - Cybersecurity Blog

Cybersecurity Maturity: Tiers and Goals

Achieving cybersecurity maturity is something that organizations should strive to reach over time. Once an organization has a mature cybersecurity program, they will be equipped with the knowledge and power to adapt to the ever-changing threat landscape – a key to becoming a resilient organization. It sounds simple, but gaining cybersecurity maturity is a fluid, never-ending work in progress that should always be improved upon. Let’s dive in.

Read More

Topics: Cybersecurity, Security Policy, Cybersecurity Culture

Four Cybersecurity Myths to Bust Instantly

In today's threat environment, we can count on the fact that there will be more spectacular breaches to come. The bad guys will always get in. It's time to acknowledge that reality and take action.

In our experience, many organizations who are just getting started on their path to cyber resiliency have a few misconceptions when it comes to cybersecurity. These myths must be busted in order for organizations to defend themselves against the risks they face. Here are four of the most common myths that must be cleared up.

Read More

Topics: Security Policy, Cybersecurity Culture

Cyber as a Domain: A Government Pledge

State-sponsored cyberattacks from national agencies or affiliates are a rising concern. Even though U.S. cyber-responses have become more prevalent, foreign hackers still pose a powerful threat, given the ever-changing threat landscape and heightened abilities of these adversaries.

Read More

Topics: Sage News, Threat Advisories, Threat Intelligence, Cybersecurity Culture, Cybersecurity Awareness

5 Lessons Learned at our Ransomware Cybersecurity Summit

Local governments and school districts are falling victim to ransomware attacks with alarming frequency and devastating consequences. At any organization, having tools in place to improve cyber resilience is a necessity, especially as hackers get more sophisticated every day.

Read More

Topics: Cybersecurity Culture, Ransomware, Cybersecurity Awareness

Measuring Cybersecurity Success

Many CISOs struggle to build a compelling business narrative around their cybersecurity efforts. So when they stand before C-execs or board members, they turn to quantitative measures to craft a basic blocking-and-tackling story (check out how many suspicious connections our firewalls blocked last quarter) and watch eyes glaze over. What’s missing from these number-packed tales, according to 2018 CyberCrime Symposium presenter Summer Fowler, is any business context.

Read More

Topics: Security Policy, CyberCrime Symposium, Cybersecurity Culture

Cybersecurity Awareness in the Workplace: Building a Cyber-Family

It’s a connected world, fueled by a connected workforce whose organizations live and die by their data. Now that they can plug-in from any device, traverse cyber-space, and communicate via email, IM, or VoIP, older employees forget they haven’t always worked this way. But Phil Bickford contends that the current digital age — marked by the mainstream adoption of technology, emerging social media, and mobility — is only around 15 years old. How mature, then, can workplace cybersecurity awareness be?

Read More

Topics: CyberCrime Symposium, Cybersecurity Culture, Privacy

Easy Tools to Help You Create Cybersecurity Checklists that Work

Documenting step-by-step processes that are easy to follow, repeatable, and transferable, is a great way to create institutional knowledge. It makes your organization more cyber mature, and therefore, more resilient. Checklists are one of the methodologies that you can use to make that happen.

Read More

Topics: Cybersecurity Culture, Risk Management

Checklists to Keep Your Cybersecurity Program on Track

It’s not unusual to encounter an organization that is using practical knowledge, a.k.a. tribal knowledge, to operate. Practical knowledge is what each individual professional knows in-practice and is able to perform, but isn't really documented anywhere. It may be about how hardware is configured, how applications are designed, or in some cases, it involves information about historical decisions. The issue with tribal knowledge is that it disappears from an organization when people move on.

Read More

Topics: Cybersecurity Culture, Risk Management

How Checklists Can Improve Your Cybersecurity Program

Checklists are a great tool for keeping us on track. Surgeon Atul Gawande argues in The Checklist Manifesto: How to Get Things Right, that the simple checklist – perhaps one of the most basic organizational tools — can improve the effectiveness of teams and individuals performing complex tasks. When his team introduced a two-minute checklist to eight hospitals as part of a research study in 2008, deaths were reduced by almost half.

Read More

Topics: Cybersecurity Culture, Risk Management

Cybersecurity Metrics Your Board of Directors Should Care About & Why

Businesses today are going through an incredible digital transformation – moving to the cloud, embracing the Internet of Things (IoT), implementing automation, etc. – all at a lightning fast pace. This is opening them up to new and expanding cybersecurity threats that are difficult to manage.

Read More

Topics: Cybersecurity Culture, Risk Management