Cybersecurity and Risk Management

If your organization is moving to cloud, you're not alone. In our most recent Cloud and Cybersecurity research study, we note that 2019 is "the year of cloud". Specifically, 56% of workloads are now in cloud, versus 44% on prem, either within data centers, or...

In the wake of out most recent round of cloud and cybersecurity research, I've been thinking about the slow evolution of application security and the evocative, if misleading, concept of "zero trust." Trust and Application Security, v. 1.0 I am (to my occasional astonishment) old enough to...

With a toll fraud prevention and mitigation strategy, enterprises can identify and mitigate potential toll threats – sometimes before they even happen. As No Jitter contributor Joyce Osenbaugh noted earlier this year, telecom fraud is on the rise. The Communications Fraud Control Association (CFCA)’s annual survey...

Should you outsource your SOC? As in so many things, the answer depends. In our most recent Cloud and Cybersecurity research study, we looked at which factors correlated to a cybersecurity organization's success, as measured by Mean Total Time to Contain (MTTC) security incidents.  We divided...

We spend a lot of time at Nemertes nailing down the metrics that define "success" for a particular initiative. To be useful, a success metric must be: Quantitative. If you can't measure it in numbers, it doesn't serve to measure progress. And if it's not something...

When it comes to cybersecurity, what differentiates highly successful enterprise technology organizations from their less successful counterparts can often be found in the metrics. Extremely effective cybersecurity organizations can detect a potential attack, determine whether it is or isn't an attack, and contain the damage...

A new Nemertes survey shows enterprises need to adopt third-party risk management programs that jettison manual checklists in favor of automated tools, hands-on risk assessments and dedicated risk teams. It's hardly news that the enterprise technology paradigm has shifted from on premises to cloud plus mobile....

Johna Till Johnson, CEO and Founder of Nemertes Research, became the Content Committee Chair for the Wall Street Technology Association (WSTA®) in January of 2019. After almost two decades of working with the WSTA in various capacities – including during her previous role as Chief...

Bellwether cybersecurity technologies -- advanced endpoint security, behavioral threat analytics and a trio of cloud-based apps -- are used by successful cybersecurity teams. Find out why. When it comes to cybersecurity, what differentiates highly successful enterprise technology organizations from their less successful counterparts can often be...

Should you be worried about the Chinese Supermicro spy chip revelations? In a nutshell, yes. If you're among the organizations using Supermicro server boards: Run, do not walk, to your server rooms and examine the boards in minute detail. And regardless of what server hardware you use,...

[caption id="attachment_4456" align="aligncenter" width="300"] DevOps is Coming! In character as Paul Revere. Photo by WSTA[/caption] Last month I presented the keynote at an afternoon seminar on Enterprise Architecture held by the Wall St. Technology Association (WSTA). I also moderated a panel session on the topic. Other presenters and...

As adoption of team collaboration applications grows, so do concerns related to governance, retention, and security of conversations stored within them. Organizations, especially those in regulated industries, have spent a great deal of time, money, and effort to build security strategies for their documents, email, and...