Double-Click on Risk-Based Cybersecurity – BankInfoSecurity | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

Fraud Management & Cybercrime
Multi-factor & Risk-based Authentication

Niloofar Razi Howe, Ponderance, on Technology-Based vs. Risk-Based Cyber Defense

Niloofar Razi Howe, chair of the board, Pondurance

In today’s cybersecurity landscape, where threats such as ransomware evolve rapidly, organizations must shift their approach to cybersecurity, from technology-based to risk-based, said Niloofar Razi Howe, chair of the board, Pondurance.

Opposite of that, she said, is to respond to threats as they come – without a program in place. Instead of reacting to individual threats, companies must build security frameworks that protect critical business assets and data by assessing their risk tolerance and addressing vulnerabilities strategically.

“The idea of the risk-based approach is that it starts with the fundamentals of your business, and it’s about protecting the things that matter, your IP, your data, your operations, and understanding your risk tolerance level, what’s the gap you have, and how do you build a program that’s appropriately resourced to close that gap over time,” Howe said.

In this video interview with Information Security Media Group at RSA Conference 2024, Howe also discussed:

  • How a risk-based approach to cybersecurity helps enterprises make smarter decisions;
  • How enterprises can take a risk-based approach to comply with the new SEC mandates;
  • How Pondurance is helping customers embrace risk-based security.

Howe has been an investor, executive and entrepreneur in technology and cybersecurity for over 25 years. Most recently, she served as chief strategy officer and senior vice president of strategy and operations at RSA, a global cybersecurity company, where she led corporate strategy, corporate development and planning, business development, global program management, business operations, security operations and federal business development.


Click Here For The Original Source.

National Cyber Security