Stories by Robert C. Covington

  • What defines a mature IT security operation?

    RSA recently published its inaugural and aptly named <a href="http://www.emc.com/collateral/ebook/rsa-cybersecurity-poverty-index-ebook.pdf">Cybersecurity Poverty Index</a>. This study is based on self-assessments by organizations who compared their current security implementations against the <a href="http://www.nist.gov/cyberframework/cybersecurity-framework-faqs.cfm">NIST Cybersecurity Framework</a>. According to the report, almost 66 percent rated themselves as inadequate in every category. With all of the recent breaches in the news, part of me is astounded at this finding. The other part is not surprised, given that this matches what I see in the field every day.