Peer-Driven Insights

Security & GRC

Featured One-Minute Insights

Active Ambassadors in This Topic

JM Financial Services Ltd

Travel and Hospitality, 1k - 5k

Community Posts

Over reach by an aggressive prosecutor ?6%

UBERs prior CEO should be the one charged ?47%

This sort of payment/use of bug bounty happens routinely ?22%

CISOs/CSOs are now on notice for the actions they take ?16%

I am going to do a deep dive on my bug bounty program immediately ?2%

Most companies do some sort of breach coverup - especially when it comes to potential IP theft?4%

View Results

Other C-suite individual (please specify)6%

Difficult to say.2%

View Results

Building an effective incident response plan31%

Educating and training employees on cybersecurity59%

Enforcing password and access management50%

Protecting endpoint devices41%

Integrating security solutions23%

Embracing the cloud9%

View Results

Featured One-Minute Insights

How are U.S. CISOs Addressing Liability Risk?

Active Ambassadors in This Topic

Rathik Pathak

Community Posts

How are you currently managing SIEM costs? Have you found effective ways to actually reduce storage costs for your SIEM?

What do folks think of this ?https://www.npr.org/2020/08/20/904113981/former-uber-executive-charged-with-paying-hush-money-to-conceal-massive-breach

Which tech conference do you intend to attend in person next year or have already participated in this year, and what motivated your choice?

Who has the purchasing power at your organization when it comes to security?

Why do you think there are so few mature AI-driven autonomous pentesting solutions on the market, and why does this topic seem to generate more hype than in-depth technical discussion?

Do you have a lock out policy for system accounts? If so, how many attempts do you have it set too? Have you considered not having a lock out policy where accounts are vaulted / rotated & standing access is removed?

How can the risk management function be strengthened to counterbalance overly aggressive executive decisions?

How have you dealt with employee pushback on the addition of new controls, especially for monitoring? Do you address their concerns around privacy, etc, proactively to get their buy-in?

What steps do you typically take when you notice a security team member becoming less and less engaged? How do you approach them to diagnose/address the issue?

What area(s) do you think your organization should improve to strengthen its cybersecurity posture?

What do you do to recover quickly from early missteps in a new role? How can you keep initial mistakes from coloring perceptions when you’re still trying to establish your reputation at a new organization?

Which cybersecurity metrics do you currently use with your board?

Community Posts

How are you currently managing SIEM costs? Have you found effective ways to actually reduce storage costs for your SIEM?

What do folks think of this ?https://www.npr.org/2020/08/20/904113981/former-uber-executive-charged-with-paying-hush-money-to-conceal-massive-breach

Which tech conference do you intend to attend in person next year or have already participated in this year, and what motivated your choice?

Who has the purchasing power at your organization when it comes to security?

Why do you think there are so few mature AI-driven autonomous pentesting solutions on the market, and why does this topic seem to generate more hype than in-depth technical discussion?

Do you have a lock out policy for system accounts? If so, how many attempts do you have it set too? Have you considered not having a lock out policy where accounts are vaulted / rotated & standing access is removed?

How can the risk management function be strengthened to counterbalance overly aggressive executive decisions?

How have you dealt with employee pushback on the addition of new controls, especially for monitoring? Do you address their concerns around privacy, etc, proactively to get their buy-in?

What steps do you typically take when you notice a security team member becoming less and less engaged? How do you approach them to diagnose/address the issue?

What area(s) do you think your organization should improve to strengthen its cybersecurity posture?

What do you do to recover quickly from early missteps in a new role? How can you keep initial mistakes from coloring perceptions when you’re still trying to establish your reputation at a new organization?

Which cybersecurity metrics do you currently use with your board?

What do folks think of this ?
https://www.npr.org/2020/08/20/904113981/former-uber-executive-charged-with-paying-hush-money-to-conceal-massive-breach

Do you have a lock out policy for system accounts? If so, how many attempts do you have it set too?

Have you considered not having a lock out policy where accounts are vaulted / rotated & standing access is removed?

What do folks think of this ?
https://www.npr.org/2020/08/20/904113981/former-uber-executive-charged-with-paying-hush-money-to-conceal-massive-breach

Do you have a lock out policy for system accounts? If so, how many attempts do you have it set too?

Have you considered not having a lock out policy where accounts are vaulted / rotated & standing access is removed?