Could the Breadcrumb Technique Help Boost Your Landing Page Conversions?

June 24, 2019 | 169 views

We’ve all heard the term “less is more”. And we’ve been told this applies for landing pages too. I.e. your forms should be short and only ask for only the bare minimum of required information if you want to convert. As an example, one of the main questions someone typically has when faced with a landing page is is how much your offer will cost. But if the offer on your landing page is for a free quote, you can’t necessarily disclose pricing on the page. When there’s no pricing, but instead a form requiring a name, phone number, and email, the visitor knows.

Spotlight

Tufin

Tufin is the leader in Security Policy Orchestration, enabling enterprises to centrally manage, visualize and control security policies across hybrid cloud and physical network environments. Tufin serves over 1,700 enterprise customers in industries worldwide – including finance, telecom, energy and utilities, healthcare and pharmaceuticals, retail, education, government, manufacturing and transportation. The award-winning Tufin Orchestration Suite is a complete solution for automatically designing, provisioning, analyzing and auditing network security changes from the application layer down to the network layer. By optimizing security policies, Tufin reduces the attack surface and minimizes disruptions to critical applications; its network-security automation provides enterprises with rapid service delivery, continuous compliance and increased agility.

OTHER ARTICLES
DATA SECURITY, ENTERPRISE SECURITY

The Great CISO Resignation

Article | November 22, 2022

CISOs Are Leaving in Droves The Great Resignation has been front-page news since Covid lockdowns, with many employees looking for the work-life balance they enjoyed at the time. Now, the phenomenon has spread to the role of Chief Information Security Officer (CISO) and shows no signs of letting up. In fact, industry experts predict that it is likely to worsen. A recent study from cybersecurity company BlackFog found that 32% of CISOs in the U.K. and U.S. have considered leaving and many planned to do so in just six months. The majority noted that the top reason for leaving was a lack of work-life balance. The CISO role is demanding, with firefighting and frequent changes in regulations and customer expectations taking up significant time both on and off the job. In another recent study in which 581 CISOs were surveyed, the IANS Research and Artico Search explored CISO compensation and job satisfaction. Three-fourths of CISOs are satisfied with their job, which is 7% higher than in the 2021 sample and more than double that of the 2020 sample. The main drivers of satisfaction are compensation, budget, executive visibility, and organizational support. However, despite high satisfaction numbers, the study found that as many as 44% of respondents are considering a job change. CISO Challenges LIABILITY AND EXPOSURE OF THE CISO There is a perception that CISOs face heightened liability for cyber intrusions and the response to cyber events. One extraordinary example is the recent conviction of Uber’s former security officer, which represents the first time a security executive has faced federal crime prosecution over a data security response. In this case the finding was that he obstructed justice by concealing information about a breach, destroying data, and covering up the incident. CISOs are often in the hot seat when it comes to cyber-intrusions and how they are handled. The Board of Directors (possibly including named corporate officers) in most cases are protected by being diligent about the Business Judgement Rule (BJR). Heavily adopted in Delaware case law and since adopted in various forms in many states, this “rule” stipulates that proper oversight includes demonstrating the duty of loyalty (no conflicting interests) and duty of care (make informed decisions) to be protected from liability. There are few cases (although Enron being one) where liability was found but it was for illegalities and poor business judgment. Since CISOs are not named corporate officers in most cases, BJR does not provide comfort. Similarly, liability insurance which covers legal defense fees and cash judgments often covers only directors and named corporate officers unless the CISO has been specifically included in the policy. DUTY TO REPORT Improving Board-CISO Transparency There is a mechanism found in corporate governance best-practices for ensuring that the most senior people in an organization get direct, unfiltered input from a key executive, regardless of reporting structure. It is called the executive session. This is in common use by Boards of Directors who meet individually with the Chief Financial Officer, Controller, and other key executives, notably without other management in the room. Questions are intended to be penetrating and the respondent is expected to respond openly. Now that cybersecurity has risen to a top risk for the enterprise, the CISO position should be among those who appear individually in an executive session with the highest governing body of an enterprise at least annually. This addition to governance best-practices would give Board members and State governors unfiltered information on cybersecurity matters, thereby helping to fulfil their oversight responsibility. Bob Zukis, founder and CEO of the Digital Directors Network, reports that a survey of its membership of more than 900 IT, cyber, and boardroom leaders shows nearly half of the respondents already have some form of this policy in practice. However, this is still a minority of the overall CISO population, signaling more transparency between the CISO and Board is needed. CISOs in State Governments Government organizations also face many of these issues. Evidence shows that CISOs in state governments are as vulnerable to other job offers as CISOs in the private sector. In the span of eight days in October 2022, there were several reports of state CISOs resigning, including Oklahoma, Georgia, Pennsylvania, and North Dakota. [1] Legal liability is not an issue the government CISO needs to be worried about since governments and their employees are immune from legal suits. However, government CISOs are highly concerned about shouldering blame, especially in the press, for security intrusions or their coverup. As with private industry, state governments should also institute this recommended practice. NCC recommends CISOs be called upon to appear in an executive session with agency heads and even the governor at least once a year. The State of Texas, for example, already has a version of this policy implemented in a statute and in practice. Texas Administrative Code includes provisions for: Reporting, at least annually, directly to the agency head the status and effectiveness of the security program and its controls. Informing any relevant parties in the event of noncompliance with the state agency’s information security policies Resolving the Great CISO Resignation For organizations across the public and private sectors, cybersecurity has risen to one of the top risks and has increased the importance of the role of the CISO. Most are looking to improve their work-life balance and reduce some of the stressors of the job. While many CISOs are also concerned about trends in liability and becoming headline news for decisions made on the job, requiring CISOs to appear in executive sessions with board members or state governors can help to alleviate these concerns and improve CISO job satisfaction while at the same time improving how the most senior levels of organizations fulfil their responsibilities for oversight of top risks.

Read More
PLATFORM SECURITY

Top 5 Application Security Trends Businesses Must Be Aware of in 2023

Article | October 12, 2022

Introduction Top 5 Trends for Businesses to Improve Their Existing Application Security 1.AppSec and Convergence 2.Adoption of Automated AI Security Capabilities 3.Emphasis on Securing the Software Supply Chain 4.Extreme 'Shift Left' 5.Upsurge in Demand for Vulnerability Prioritization Moving Forward with Application Security Introduction The proliferation of applications and their usage across the business landscape has made application security a strategic initiative that spans departments rather than an activity. Several factors are driving the rethinking of application security as a broader strategic program, including the evolving threat landscape, more incremental software development frameworks, and the adoption of nimbler. With the acceleration of software development and the greater-than-ever role of code in current business infrastructure, application security is shifting left in the process and infusing every step to ensure that the applications reaching customers' hands are secure and reliable. Top 5 Trends for Businesses to Improve Their Existing Application Security Applications serve as a doorway to servers and networks, making them an excellent target for malicious actors. Since cyber attackers constantly improve their techniques for breaking into software, it is becoming essential for businesses to gain insights into ever-evolving trends in the AppSec space. Here are some of the prominent trends that businesses should aware of to improve their existing application security. Trend 1: AppSec and CloudSec Convergence To accurately estimate attack surface and overall security posture, both application code vulnerabilities and cloud service hosting misconfigurations must be examined. The convergence of AppSec and CloudSec is becoming a critical component of modern security operations. It allows organizations to gain a comprehensive view of the attack surface and better understand the risks posed by application code and cloud service providers. By looking at these two areas cohesively, organizations can identify business-critical vulnerabilities and prioritize their remediation efforts. Trend 2: Adoption of Automated AI Security Capabilities The increasing volume and complexity of security threats pose significant challenges for organizations, causing strain on their threat detection and response capabilities. This leads to slower response times, higher costs, and a greater impact on security incidents. To address this issue, many companies are turning to security automation as a potential solution. One of such approaches involves the use of artificial intelligence (AI), which can automate data gathering, threat identification, and incident response processes. By adopting security automation, companies can optimize the use of limited security personnel and resources, enabling them to focus on high-value activities that provide maximum benefit to the organization. Trend 3: Emphasis on Securing the Software Supply Chain The software supply chain is emerging as a primary area of focus due to the heightened risks associated with software development. This urgency has been further compounded by the recent attack, such as Solarwind data breach and the Log4j attack on Apache, increasing the significance of software security measures. Companies are taking a more proactive approach for making enhancements in the software supply chain to protect their applications, including conducting Static Application Security Testing (SAST) to identify and address vulnerabilities before malicious actors can exploit them. Trend 4: Extreme 'Shift Left' The ‘shift left’ in software development has gained significant momentum in recent years. The idea behind this approach is to prioritize security and other critical aspects of software development at the earliest possible stage in the development process. By doing so, organizations can make more informed security decisions and identify and address security vulnerabilities before they cause any damage. As the pace of development continues to increase, organizations are increasingly adopting this approach in their software development processes to protect their systems and data from security risks. Trend 5: Upsurge in Demand for Vulnerability Prioritization Managing vulnerabilities in a software system requires analyzing vast amounts of data to determine issues that require immediate attention and prioritization. However, the growing presence of false positives is negatively impacting this process, resulting in decreased efficiency and wasted resources. Organizations are increasingly looking for vendors to provide vulnerability management tools that can reduce false positives, differentiate between low-priority issues and severe security threats, and offer actionable insights to mitigate them. Moving Forward with Application Security Applications security has become more critical than ever before for businesses in the current digital scape. With the attack surface constantly expanding and the frequency of threats on the rise, organizations must remain agile and employ the best effective strategies to protect their applications from potential cyberattacks. The significance of application security has not gone unnoticed. As organizations continue to invest in security measures, they are increasingly upgrading themselves as per emerging security trends to protect themselves against evolving cyber threats. This includes adopting the ‘shift left’ approach, tightening controls, and having a clear definition of remediation processes.

Read More
DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Security by Sector: Improving Quality of Data and Decision-Making a Priority for Credit Industry

Article | August 20, 2022

The subject of how information security impacts different industry sectors is an intriguing one. For example, how does the finance industry fare in terms of information security compared to the health sector, or the entertainment business? Are there some sectors that face greater cyber-threats and risks than others? Do some do a better job of keeping data secure, and if so, how and why?A new study of credit management professionals has revealed that improving the quality of data and decision-making will be a top priority for the credit industry in the next three years. The research, from Equifax Ingnite in collaboration with Coleman Parkes, takes a deep dive into the views of credit management pros across retail, banking, finance and debt management/recovery sectors.

Read More

3 Trends in Data Privacy Breach Laws That Will Carry Over to 2020

Article | February 12, 2020

During 2019, new privacy laws were introduced, and many current laws evolved in the United States and across the global landscape. With the General Data Protection Regulation (GDPR) in full effect, we saw expensive fines levied upon companies that fell victim to data privacy breaches. As we move into a new year, probably the biggest takeaway from 2019 is that being proactive and having a data privacy strategy in place is important to help mitigate the risk of a data privacy breach. The regulatory landscape continues to evolve as states and countries actively pass new expanded requirements for privacy and cybersecurity regulations. While laws in the U.S., like the California Consumer Privacy Act (CCPA), are getting significant attention, many other states and countries are actively amending their breach notification laws to include tighter restrictions.

Read More

Spotlight

Tufin

Tufin is the leader in Security Policy Orchestration, enabling enterprises to centrally manage, visualize and control security policies across hybrid cloud and physical network environments. Tufin serves over 1,700 enterprise customers in industries worldwide – including finance, telecom, energy and utilities, healthcare and pharmaceuticals, retail, education, government, manufacturing and transportation. The award-winning Tufin Orchestration Suite is a complete solution for automatically designing, provisioning, analyzing and auditing network security changes from the application layer down to the network layer. By optimizing security policies, Tufin reduces the attack surface and minimizes disruptions to critical applications; its network-security automation provides enterprises with rapid service delivery, continuous compliance and increased agility.

Related News

Global Search Marketing Agency, Directive, Announces Complete Rebranding

Directive Consulting | December 05, 2018

Directive, the leading B2B and enterprise search marketing agency, announced today the launch of their new branding to reflect their evolution into a global search marketing agency. Directive’s unique approach to search marketing has positioned the company as the agency of choice for leading B2B and enterprise companies since 2014 with a portfolio comprised of 90% in the B2B space. With their extensive rebranding efforts, the company continues to offer premier SEO, PPC, CRO, content marketing and paid social services that B2B and enterprises need to scale their business. Additionally, Directive continues to invest further in employee well-being, marketing technologies and superior support for clients. “Our rebranding does not impact our services, operations or our market, as we have been working with leaders in the B2B space for some time; however, our identity now reflects and matches that,” stated Hannah Mans, Directive’s director of marketing. “This milestone is the first of many as we work towards our vision to be the largest global B2B search agency by the end of 2020.” The rebranding includes a top-to-bottom redesign of the company’s website and logo to better resonate with current and potential clients.

Read More

Global Search Marketing Agency, Directive, Announces Complete Rebranding

Directive Consulting | December 05, 2018

Directive, the leading B2B and enterprise search marketing agency, announced today the launch of their new branding to reflect their evolution into a global search marketing agency. Directive’s unique approach to search marketing has positioned the company as the agency of choice for leading B2B and enterprise companies since 2014 with a portfolio comprised of 90% in the B2B space. With their extensive rebranding efforts, the company continues to offer premier SEO, PPC, CRO, content marketing and paid social services that B2B and enterprises need to scale their business. Additionally, Directive continues to invest further in employee well-being, marketing technologies and superior support for clients. “Our rebranding does not impact our services, operations or our market, as we have been working with leaders in the B2B space for some time; however, our identity now reflects and matches that,” stated Hannah Mans, Directive’s

Read More

Directive Ranks #1 in Clutch’s Top B2B Marketing Service Providers

Directive Consulting | March 06, 2019

Directive, the leading B2B and enterprise search marketing agency, has recently been honored as the number one B2B marketing and advertising service provider in Los Angeles, according to Clutch. Clutch is a B2B research, ratings and reviews site that identifies leading IT and marketing service providers and software. Recently, Clutch has announced over 260 B2B companies that embody industry leadership in Los Angeles based on their market presence, respective expertise, verified client feedback, and their past and current clientele. Directive was awarded the leading spot on the advertising and marketing list. “We are thrilled for this opportunity to be recognized as the go-to service provider for B2B marketing,” said CEO and Co-founder Garrett Mehrguth. “This is a testament to our team’s dedication and unwavering focus on excellence and to deliver premier services to our clients.” Since its establishment in 2014, Mehrguth has led Directive in its expansion of five global offices including Orange County, California; Austin, Texas; Los Angeles; New York City; and London. Directive has increased by a year-over-year growth rate of 300 percent, and now is celebrating as the number one B2B marketing and advertising service provider in Los Angeles.

Read More

Global Search Marketing Agency, Directive, Announces Complete Rebranding

Directive Consulting | December 05, 2018

Directive, the leading B2B and enterprise search marketing agency, announced today the launch of their new branding to reflect their evolution into a global search marketing agency. Directive’s unique approach to search marketing has positioned the company as the agency of choice for leading B2B and enterprise companies since 2014 with a portfolio comprised of 90% in the B2B space. With their extensive rebranding efforts, the company continues to offer premier SEO, PPC, CRO, content marketing and paid social services that B2B and enterprises need to scale their business. Additionally, Directive continues to invest further in employee well-being, marketing technologies and superior support for clients. “Our rebranding does not impact our services, operations or our market, as we have been working with leaders in the B2B space for some time; however, our identity now reflects and matches that,” stated Hannah Mans, Directive’s director of marketing. “This milestone is the first of many as we work towards our vision to be the largest global B2B search agency by the end of 2020.” The rebranding includes a top-to-bottom redesign of the company’s website and logo to better resonate with current and potential clients.

Read More

Global Search Marketing Agency, Directive, Announces Complete Rebranding

Directive Consulting | December 05, 2018

Directive, the leading B2B and enterprise search marketing agency, announced today the launch of their new branding to reflect their evolution into a global search marketing agency. Directive’s unique approach to search marketing has positioned the company as the agency of choice for leading B2B and enterprise companies since 2014 with a portfolio comprised of 90% in the B2B space. With their extensive rebranding efforts, the company continues to offer premier SEO, PPC, CRO, content marketing and paid social services that B2B and enterprises need to scale their business. Additionally, Directive continues to invest further in employee well-being, marketing technologies and superior support for clients. “Our rebranding does not impact our services, operations or our market, as we have been working with leaders in the B2B space for some time; however, our identity now reflects and matches that,” stated Hannah Mans, Directive’s

Read More

Directive Ranks #1 in Clutch’s Top B2B Marketing Service Providers

Directive Consulting | March 06, 2019

Directive, the leading B2B and enterprise search marketing agency, has recently been honored as the number one B2B marketing and advertising service provider in Los Angeles, according to Clutch. Clutch is a B2B research, ratings and reviews site that identifies leading IT and marketing service providers and software. Recently, Clutch has announced over 260 B2B companies that embody industry leadership in Los Angeles based on their market presence, respective expertise, verified client feedback, and their past and current clientele. Directive was awarded the leading spot on the advertising and marketing list. “We are thrilled for this opportunity to be recognized as the go-to service provider for B2B marketing,” said CEO and Co-founder Garrett Mehrguth. “This is a testament to our team’s dedication and unwavering focus on excellence and to deliver premier services to our clients.” Since its establishment in 2014, Mehrguth has led Directive in its expansion of five global offices including Orange County, California; Austin, Texas; Los Angeles; New York City; and London. Directive has increased by a year-over-year growth rate of 300 percent, and now is celebrating as the number one B2B marketing and advertising service provider in Los Angeles.

Read More

Events