What does this mean for IT governance and policy?
Symantec just released its 2019 Internet Security Threat Report (ISTR). It is largely a comparison of malware trends and cybercriminal activity over the last 1-3 years. A quick look into the data reveals that many of the report’s findings are aimed at the end user or environments with a small IT footprint. Despite this, there are valuable insights can be taken from it about enterprise IT governance and IT risk modeling. This two-part series talks about the economic motivations of cybercriminals and how their actions change as a result. It then talks about how these should influence your IT risk modeling efforts.