Properly managing cybersecurity risks demands that corporate leadership understands the full potential impact on your business—including reputational and legal risks. This starts with a dialogue about the security risks at your organization—how serious they are, how critical prevention and risk mitigation are, and how sophisticated attackers have become at stealing user credentials and breaching supposedly protected systems.

As businesses onboard more mobile and remote employees, partners, contractors, and other external users, the volume of people needing access to critical systems and data grows exponentially. And while this increased connectivity provides tremendous operational and productivity benefits, it also creates new attack vectors for intruders and cybercriminals.

Another year, another Verizon Data Breach Investigations Report (DBIR), another depressing look into the state of global cybersecurity preparedness.  

What happens when stolen personally identifiable information (PII) is made public? Recently, the Federal Trade Commission (FTC) attempted to answer this question by designing and conducting a study to track the use of stolen information.

In IT security, it’s often said that a company’s employees are its weakest link. As technology grows increasingly user-friendly, and the rules of digital “ownership” blur, rogue employees—those who don’t follow the standard IT security rules for one reason or another—are emerging as a significant threat to corporate security.

The term shadow IT conjures up images of a malevolent, invisible force that poses a threat to security policies. Sounds scary, right? While shadow IT does have the ability to create a bottleneck, it tends to occur in the most benign of situations.

At a certain point in your ongoing push to modernize security at your organization comes the moment of truth: time to present your initiatives, and your results, to your board of directors (BOD). In the past, you may have gotten by with little more than a cursory explanation, touching on little more than compliance issues, but in 2017, cybersecurity no longer flies under the BOD’s radar.

By this point in our series on security and the CEO, it should be clear that security isn’t just a technological issue. It’s a cultural one, and you must improve your organization’s security culture, as well as its security processes and technologies. To accelerate your digital transformation, security must become part of your company’s very DNA. That’s where the CEO comes into play.

Within every market—whether it be government, business, healthcare or education—it’s crucial that identity and access management (IAM) solutions are designed and implemented with close adherence to the latest government, regulatory, and best practice security frameworks and laws, in order to help organizations meet their compliance goals and to ensure the integrity and security of their user data.

In 2017, ransomware, the use of weaponized encryption to block access to a computer system or service until a ransom is paid, is all the rage among hackers. In fact, ransomware is now one of the top three most common malware threats.

The situation is dire, with hackers requesting ransoms of up to $73,000 per attack. Ransomware payments totaled more than $1 billion in 2016, a massive jump from the mere $34 million paid in 2015.