Mary K. Pratt

Contributing Writer

Mary K. Pratt is a freelance writer based in Massachusetts.

Eli Lilly security finds strength in flexibility in WFH shift

Eli Lilly security finds strength in flexibility in WFH shift

CISO Meredith Harper shares the greatest challenges her organization faced in the wide-scale move to work-from-home and lessons learned that will outlast the pandemic.

10 value-adds that CISOs can deliver

10 value-adds that CISOs can deliver

Savvy security chiefs are generating returns for their organizations beyond enabling secure business operations. Here's how they do it.

Threat hunting explained: Taking an active approach to defense

Threat hunting explained: Taking an active approach to defense

Threat hunting is the practice of proactively searching for threats that are hiding in an organization's systems – before they attack.

How to make your security team more business savvy

How to make your security team more business savvy

CISOs are finding ways to inject more business skills into their teams through recruitment, training and staffing strategies that broaden workers’ horizons — strategies that they say are paying off with stronger security and better...

PCI compliance: 4 steps to properly scope a PCI assessment

PCI compliance: 4 steps to properly scope a PCI assessment

Although it might sound straightforward, scoping a PCI assessment can be a challenge even for experienced organizations. Experts offer their best advice for avoiding PCI missteps.

10 essential negotiation tactics CISOs should know

10 essential negotiation tactics CISOs should know

Lose that winner takes all mentality and build your negotiation muscle with advice from security leaders and negotiation experts.

Rethinking security hiring: How COVID-19 is changing talent acquisition

Rethinking security hiring: How COVID-19 is changing talent acquisition

Staffing needs remain high, forcing companies to adapt their recruiting and onboarding practices — often for the better.

The CISO's guide to securely handling layoffs

The CISO's guide to securely handling layoffs

Follow these 10 best practices to limit risks to your organization.

5 risk management mistakes CISOs still make

5 risk management mistakes CISOs still make

Cybersecurity is now a board-level issue, but many organizations still struggle to get security risk management right.

10 ways to get more from your security budget

10 ways to get more from your security budget

In today's economic climate, CISOs have to make every penny count and maximize every dollar. Here’s how some do that.

10 markers of a great cybersecurity program

10 markers of a great cybersecurity program

How strong is your security program? These ten indicators will help you recognize greatness in your own organization and serve as a guide for what to look for in a partner.

6 security metrics that matter – and 4 that don’t

6 security metrics that matter – and 4 that don’t

The increasingly high stakes of getting security right and growing board interest means metrics are more important than ever. But there are some metrics that are more useful than others.

How to write an effective information security policy

How to write an effective information security policy

An information security policy is a high-level view of what should be done within a company in regard to information security. Here's how to create one that is an effective tool for improving your security posture.

The CSO's playbook for forging board relationships

The CSO's playbook for forging board relationships

Security is a board-level concern, but many aren’t confident they have the information and processes to provide effective governance. This nine-point plan will help you cement your role as a trusted advisor.

Hiring scarce security talent: 8 secrets to working with recruiters

Hiring scarce security talent: 8 secrets to working with recruiters

Recruiters can be a valuable resource, especially when you're looking to hire for specialized and in-demand skills. Here's how to make the most of the relationship.

Winning the war for cybersecurity talent

Winning the war for cybersecurity talent

Security leaders say they expect demand for talent to outstrip supply for at least the next several years. Your task: develop staffing plans that recognize that reality.

Three strategies to prove security's value

Three strategies to prove security's value

How CISOs can identify and quantify security’s value in real dollars

How to market security: 8 tips for recruiting users to your cause

How to market security: 8 tips for recruiting users to your cause

Getting users to care about security is a much-lamented challenge. What you need is a marketing plan.

4 signs the CISO-board relationship is broken (and 3 ways to fix it)

4 signs the CISO-board relationship is broken (and 3 ways to fix it)

Gaining the board's trust is key for elevating the security function to a strategic level. To do that, CISOs will need to get out of their technical comfort zone.

6 signs the CIO-CISO relationship is broken — and how to fix it

6 signs the CIO-CISO relationship is broken — and how to fix it

Successful collaboration between the IT and security leaders is essential but not always easy. Here are signs the relationship is broken – and 8 steps you should take to fix it.

Load More