Is Zero Trust a genuine strategy in cyber security or purely a marketing gimmick?

Security & GRC Threat & Vulnerability Management

Genuine strategy in cybersecurity.63%

Purely a marketing gimmick.28%

Unsure.7%

751 PARTICIPANTS

3.8k views2 Comments

Director in Manufacturing, 1,001 - 5,000 employees

In theory it’s a great practice
In practice it’s too much theory
Harder to execute than most will expect

1 Reply

IT Service Desk Lead in Transportation, 501 - 1,000 employees

I think it depends on org age, size, and culture.

Content you might like

When migrating to the cloud, what's the top security issue that concerns you?

Cloud Security & GRC

Data security52%

Shared resources/services34%

Compliance11%

Other: please specify.1%

697 PARTICIPANTS

2.5k views5 Upvotes1 Comment

Would anyone be willing to share best practices about how their organization deals with ensuring Cookie Compliance, specifically to GDPR rules? Where should this sort of compliance review sit in an organization? The particular issue we have is who should review new web deployments that use cookies and to make the decisions on whether Cookies are Strictly Necessary or Functionality Cookies. For example is a Cookie required for a Live Chat to work Functionality or Strictly Necessary? Our Security team does not consider taking on these compliance reviews as their domain, as Cookie Compliance is not an internal security matter and the Data Protection team has a limited interest as the GDPR rules around Cookies apply in case of any Cookie being used by a website, whether or not it contains personal data.

Security & GRC Regulatory Compliance

Head of Cyber Security in Manufacturing, 501 - 1,000 employees

I would say, DPO and Security team both shall be involved and work hand in hand.

Most of the time the legals and or DPO don't have the technical acumen to understand when data is floating to third party services.

Lets ...read more

463 views1 Comment

Is vulnerability management given adequate priority in your organization?

Threat & Vulnerability Management Threat Intelligence & Incident Response Risk Management

More than adequate13%

Adequate75%

Less than adequate10%

Completely inadequate1%

222 PARTICIPANTS

968 views

If you had a magic wand - what's the #1 daily business challenge you'd eliminate?

People & Leadership Strategy & Architecture Cloud +57 more

CTO in Software, 201 - 500 employees

Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.

Read More Comments

46.8k views133 Upvotes324 Comments

What are some effective ways to get buy-in from leadership to establish your first security PMO?

Security & GRC Security Strategy & Roadmap Internal CXO Relationships

Head of Information Security in Services (non-Government), 1,001 - 5,000 employees

The first thing you need to do is assess the maturity of your security program and then establish a roadmap of projects based on industry standard frameworks. Based on that assessment, you can develop an associated budget ...read more

148 views1 Comment