Filter By:



Recent Blogs & Podcasts

Insights Portal


February 1, 2018 | Risk Management

 IANS Risk Register Tool (Updated)

Building a Risk Register is a critical undertaking for organizations of all sizes, and there are a number of factors that contribute to its accuracy and success. This tool (updated to include the latest PCI DSS 3.2 requirements) offers a step-by-step guide for identifying risk and harm, calculating exposure and adopting appropriate security controls. 

Read More »

January 31, 2018 | Threats & Incidents

 Overview of Cyber Attackers in 2017

External parties were among the key perpetrators of cyber attacks in 2017, including random cyber criminals (34%), competitors (23%), and vendors/suppliers (18%). However, insiders are also key perpetrators, usually through errors.

Read More »

January 31, 2018 | Vulnerability Assessment and Management
By Marcus Ranum, IANS Faculty

 Structure a Low-Profile Bug Bounty Program

While Google's bug bounty program is well designed and provides rich rewards, not every organization can operate at that high level. In this Ask-an-Expert live interaction, IANS Faculty Marcus Ranum describes how to build a well-structured, low-profile program that encourages participation using a more realistic reward scale. 

Read More »

January 30, 2018 | Enterprise and IT Compliance Management

 IANS General Data Protection Regulation (GDPR) Checklist

With all the noise, panic and questions about the EU’s new General Data Protection Regulation (GDPR), it’s difficult to discern the right mix of policies, procedures and technologies to ensure compliance. This checklist helps prioritize the practical steps you can take today to ensure your organization is fully prepared when the ruling comes into full force this May.

Read More »

January 30, 2018 | Encryption, Digital Signatures, Certificates, Tokenization
By Steve Coplan, IANS Faculty

 Cloud Key Management Services: An Overview

Moving to the cloud is fraught with critical decisions, not the least of which is key management. in this Ask-an-Expert written response, IANS Faculty Steve Coplan explains the challenges in implementing strong cloud key management and provides an overview of cloud service provider and partner offerings, as well as newer as-a-service options.

Read More »

January 25, 2018 | Patch Management
By Josh More, IANS Faculty

 Streamline Patching for Third-Party Apps

Patching Windows systems is difficult enough without adding third-party tools like Java, Adobe and others to the mix. In this Ask-an-Expert written response, IANS Faculty Josh More explains how achieving patch management maturity requires a combination of imaging, deployment, patching and vulnerability scanning technologies, plus a large degree of automation.

Read More »

January 24, 2018 | Key Technologies

 Most Companies Plan to Increase Public Cloud Use by 2020

The continued shift to the cloud is no secret, and a survey of IT executives at 90 organizations found that while just 40 percent currently have more than 10 percent of their workloads in the public cloud, 80 percent expect to have that amount in public-cloud platforms by 2020.

Read More »

January 24, 2018 | Security Policies and Strategy
By Rich Guida, IANS Faculty

 Create a Security Roadmap from Scratch

Creating a security roadmap that both keeps the organization secure and gets top management on board is no easy feat. In this Ask-an-Expert written response, IANS Faculty Rich Guida explains how the best plans address an organization's most critical risks while showing agility and improvement over time. 

Read More »