9 policies and procedures you need to know about if you’re starting a new security program

P2PE is not what your CIO thinks it is Email not displaying correctly? View it in your browser.

CSO Update Mar 18, 2018 9 policies and procedures you need to know about if you're starting a new security program Any mature security program requires each of these infosec policies, documents and procedures. Read More ▶ Your Must-Read Stories • P2PE is not what your CIO thinks it is • New CISO appointments, March 2018 • Getting to the root (cause) of the problem • Cryptomining: the new lottery for cybercriminals • Getting to know your company's risk appetite • GDPR: Look out for 'right to be forgotten storms' ahead White Paper: Bitsight How Automating Third-Party Risk Management Helps Banks and Financial Institutions Address New Regulatory Requirements Banks & financial firms have long been aware of the need to manage risk in third-party partners & most have a formal program for managing that risk. Yet an existing thirdparty risk management (3PRM) program may not address today's increased levels of outsourcing & new regulatory requirements for cybersecurity. Together, these factors are prompting financial institutions to take a fresh look at the strengths & focus of their 3PRM strategy. Read More ▶ P2PE is not what your CIO thinks it is All of the things you wanted to know about point-to-point encryption (P2PE), but were too afraid to ask. Read More ▶ New CISO appointments, March 2018 Find up-to-date news of CSO, CISO and other senior security executive appointments. Read More ▶ Getting to the root (cause) of the problem The security response process is a natural source of feedback for any software security program. Read More ▶ Cryptomining: the new lottery for cybercriminals With more than 500 million PCs actively mining cryptocurrency worldwide, you have to wonder how many compromised websites exist. Read More ▶ Getting to know your company's risk appetite Your employees make risk/reward decisions daily. Have you defined risk boundaries for them? Unwanted risk or missed opportunities happen without clear direction. Read More ▶ GDPR: Look out for 'right to be forgotten storms' ahead Thousands of EU citizens may ask data controllers to erase their records by the end of May. Will organizations be ready for this coming GDPR storm? Read More ▶ White Paper: Iron Mountain Important Considerations Concerning SITAD In Rush to Cloud Organizations wanting to follow best practices for regulatory compliance, governance & IT security may benefit from third-party expertise to help them complete the lifecycle of data & systems. For the before-and-after details surrounding cloud migration projects and ITAD, look for expert providers who can speak to all aspects of the data lifecycle - from ongoing data management to cloud data migration, cloud backup & final IT asset disposition. Read More ▶ CSO Insider 1. Security vs. visibility: Why TLS 1.3 has data center admins worried 2. 8 hot cyber security trends (and 4 going cold) 3. 5 top machine learning use cases for security 4. Top security certifications: Who they're for, what they cost, and which you need 5. How to write an information security policy Editor's Picks 1. 10 security buzzwords that need to be put to rest 2. The buck stops here: 8 security breaches that got someone fired 3. 12 famous (and infamous) IT security disasters 4. 15 real-world phishing examples — and how to recognize them 5. The 10 sneakiest hacker attacks

You are currently subscribed to CSO Update as jonsan98@gmail.com. Unsubscribe from this newsletter | Manage your subscriptions | Subscribe | Privacy Policy Learn more about Copyright © 2018 CSO Online, 492 Old Connecticut Path, Framingham, MA 01701 Please do not reply to this message. To contact someone directly, send an email to newsletters@idg.com.