Maturity models in cyber security: what's happening to the IAMM?

| March 8, 2018

article image
Most generally, a maturity model is a tool for assessing an organisation's effectiveness at achieving a particular goal. They enable organisations to identify where their practices are weak or not taken seriously and where their practices are truly embedded. In the context of cyber security, maturity models can help to distinguish between organisations in which security is baked in and those in which it is merely bolted on. One of the main reasons that maturity models are used is that organisation-wide improvements can take time; in cyber security a maturity model gives an organisation’s leadership a way to measure the progress made in embedding security into its day-to-day and strategic operations.

Spotlight

The Email Laundry

The Email Laundry focuses on keeping email safe from malware, phishing, spam, and other advanced threats for over 10,000 organizations worldwide. Founded in 2007, The Email Laundry offers industry-leading cloud-based email security, email encryption, archiving, continuity, phishing user training, email banners and signatures, as well as cyber threat intelligence feeds, to keep businesses secure. Using in-house developed algorithms, The Email Laundry protects email using cyber threat intelligence and multi-layered filtering to block spam and malicious emails before they reach users’ inboxes. The Email Laundry makes securing business hassle free and with The Email Laundry continuity and archiving, emails will continue to flow through natural disasters, floods, fires, or any other issues that may bring your server down.

OTHER ARTICLES

5 Benefits of Investing in Cyber Security & IT solutions in 2021

Article | June 2, 2021

Cyber Security has quickly evolved from being just an IT problem to a business problem. Recent attacks like those on Travelex and the SolarWinds hack have proved that cyber-attacks can affect the most solid of businesses and create PR nightmares for brands built painstakingly over the years. Investing in cyber security training, cyber security advisory services and the right kind of IT support products, has therefore, become imperative in 2021. Investing in cyber security infrastructure, cyber security certification for employees and IT solutions safeguards businesses from a whole spectrum of security risks, ransomware, spyware, and adware. Ransomware refers to malicious software that bars users from accessing their computer system, whereas adware is a computer virus that is one of the most common methods of infecting a computer system with a virus. Spyware spies on you and your business activities while extracting useful information. Add social engineering, security breaches and compromises to your network security into the mix, and you have a lethal cocktail.

Read More

Progress Is the Promise in National Cybersecurity Strategy

Article | June 2, 2021

How can progress be measured when it comes to shifts in national security strategy and practice? Several assessment variables might include changes in official national guidance, legal authorities, types of campaigns or operations, lexicon used in national security discourse, and early results of the application of those changes. Since 2016, with the introduction of the construct of persistent engagement and the subsequent development of defend forward, all these variables have changed in a positive manner.

Read More

NCSC makes ransomware attack guidance more accessible

Article | June 2, 2021

The UK’s National Cyber Security Centre (NCSC) has updated its guidance to organisations on how to mitigate the impact of malware and ransomware attacks, retiring its standalone ransomware guidance and amalgamating the two in a bid to improve clarity and ease confusion among business and consumer users alike. The NCSC said that having two different pieces of guidance had caused some issues as a lot of the content relating to ransomware was essentially identical, while the malware guidance was a little more up-to-date and relevant. The service said the changes reflect to some extent how members of the public understand cyber security. For example, it implies a distinction between malware and ransomware even though technically speaking, ransomware is merely a type of malware. “Not everyone who visits our website knows that. Furthermore, they might well search for the term ‘ransomware’ (rather than ‘malware’) when they’re in the grip of a live ransomware incident,” said a spokesperson.

Read More

Delivering on the promise of security AI to help defenders protect today’s hybrid environments

Article | June 2, 2021

Technology is reshaping society – artificial intelligence (AI) is enabling us to increase crop yields, protect endangered animals and improve access to healthcare. Technology is also transforming criminal enterprises, which are developing increasingly targeted attacks against a growing range of devices and services. Using the cloud to harness the largest and most diverse set of signals – with the right mix of AI and human defenders – we can turn the tide in cybersecurity. Microsoft is announcing new capabilities in AI and automation available today to accelerate that change. Cybersecurity always comes down to people – good and bad. Our optimism is grounded in our belief in the potential for good people and technology to work in harmony to accomplish amazing things. After years of investment and engineering work, the data now shows that Microsoft is delivering on the potential of AI to enable defenders to protect data and manage risk across the full breadth of their digital estates.

Read More

Spotlight

The Email Laundry

The Email Laundry focuses on keeping email safe from malware, phishing, spam, and other advanced threats for over 10,000 organizations worldwide. Founded in 2007, The Email Laundry offers industry-leading cloud-based email security, email encryption, archiving, continuity, phishing user training, email banners and signatures, as well as cyber threat intelligence feeds, to keep businesses secure. Using in-house developed algorithms, The Email Laundry protects email using cyber threat intelligence and multi-layered filtering to block spam and malicious emails before they reach users’ inboxes. The Email Laundry makes securing business hassle free and with The Email Laundry continuity and archiving, emails will continue to flow through natural disasters, floods, fires, or any other issues that may bring your server down.

Events