iDiscovery Solutions’ Director of Cybersecurity Robert Kirtley warns organizations not to confuse “security theater” with the type of user awareness training that can change risky behaviors and foster a culture of security.
Across the Contract Universe
Ryan Drimalla, managing director at FTI Consulting, discusses the importance of process-driven contract lifecycle management, including ways technology can make corporations more efficient in this area.
Continue Reading
Delegating Routine Tasks to AI
For ContractWorks co-founder Albert Oaten, AI is not an abstract future; it is the concrete means to help law departments save money, save time and mitigate risk – right now.
Continue Reading
The Double-Edged Sword of “Digital Exhaust”
Before we choke on our “digital exhaust,” Hunter McMahon of iDS suggests we take a deep breath and examine the unnecessary risks we may be taking.
Continue Reading
Are You Accounting for One of Your Largest Cybersecurity Risks?
Article by: Charlie Platt / iDiscovery Solutions
I’ve written on this topic before, and despite the danger of sounding like a broken record, I will repeat myself: Cybersecurity is all about risk management. Many of you are likely working with your company’s chief information security officer (CISO) and security teams to help assess and control this cyberrisk. (At least I hope you are.) And one of the first things most security professionals recommend is taking an inventory of your IT assets. In fact, it’s embodied in the first Function of the National Institute of Standards and Technology’s (NIST) Cybersecurity Framework:
“The activities in the Identify Function are foundational for effective use of the Framework. Understanding the business context, the resources that support critical functions, and the related cybersecurity risks enables an organization to focus and prioritize its efforts, consistent with its risk management strategy and business needs. Examples of outcome Categories within this Function include: Asset Management; Business Environment; Governance; Risk Assessment; and Risk Management Strategy.”