Mary K. Pratt

Contributing Writer

Mary K. Pratt is a freelance writer based in Massachusetts.

10 value-adds that CISOs can deliver

Threat hunting explained: Taking an active approach to defense

Threat hunting explained: Taking an active approach to defense

Threat hunting is the practice of proactively searching for threats that are hiding in an organization's systems – before they attack.

How to make your security team more business savvy

How to make your security team more business savvy

CISOs are finding ways to inject more business skills into their teams through recruitment, training and staffing strategies that broaden workers’ horizons — strategies that they say are paying off with stronger security and better...

PCI compliance: 4 steps to properly scope a PCI assessment

PCI compliance: 4 steps to properly scope a PCI assessment

Although it might sound straightforward, scoping a PCI assessment can be a challenge even for experienced organizations. Experts offer their best advice for avoiding PCI missteps.

10 essential negotiation tactics CISOs should know

10 essential negotiation tactics CISOs should know

Lose that winner takes all mentality and build your negotiation muscle with advice from security leaders and negotiation experts.

Rethinking security hiring: How COVID-19 is changing talent acquisition

Rethinking security hiring: How COVID-19 is changing talent acquisition

Staffing needs remain high, forcing companies to adapt their recruiting and onboarding practices — often for the better.

The CISO's guide to securely handling layoffs

The CISO's guide to securely handling layoffs

Follow these 10 best practices to limit risks to your organization.

5 risk management mistakes CISOs still make

5 risk management mistakes CISOs still make

Cybersecurity is now a board-level issue, but many organizations still struggle to get security risk management right.

10 ways to get more from your security budget

10 ways to get more from your security budget

In today's economic climate, CISOs have to make every penny count and maximize every dollar. Here’s how some do that.

10 markers of a great cybersecurity program

10 markers of a great cybersecurity program

How strong is your security program? These ten indicators will help you recognize greatness in your own organization and serve as a guide for what to look for in a partner.

6 security metrics that matter – and 4 that don’t

6 security metrics that matter – and 4 that don’t

The increasingly high stakes of getting security right and growing board interest means metrics are more important than ever. But there are some metrics that are more useful than others.

How to write an effective information security policy

How to write an effective information security policy

An information security policy is a high-level view of what should be done within a company in regard to information security. Here's how to create one that is an effective tool for improving your security posture.

Load More