cyber risk
Threat visibility is imperative, but it’s even more essential to act
Cyberthreats are escalating faster than many organizations can identify, block and mitigate them. Visibility into the expanding threat landscape is imperative, but according …
SMBs show no improvement in IT maturity levels, security remains top concern
IT groups at small and midsize businesses (SMBs) show no improvement in IT maturity levels in three years, while security remains top concern, a Kaseya survey reveals. Based …
Should social media organizations be subject to strict privacy regulation?
80% of IT security professionals agree that more security and privacy legislation is needed, especially for social media organizations that store personal data. However, …
Supply chain security: Five IT strategies for choosing vendors wisely
With the proliferation of SaaS solutions, API integrations and cloud computing, virtually everything in the modern enterprise is connected to untold number of outside …
CISO priorities: Implementing security from the get-go
Dr. David Brumley, CEO of ForAllSecure, a Carnegie Mellon computer science professor (on leave), and part of the team that won the DARPA Cyber Grand Challenge, was, at one …
Attackers use large-scale bots to launch attacks on social media platforms
Social media sites have become lucrative targets for criminals looking for quick monetization. More than half of logins (53%) on social media sites are fraudulent and 25% of …
Thinking network-first to protect against security threats
The challenge of securing data has seen a dramatic shift in complexity in recent years due to an increasing number of threats frequently appearing. However, this complexity …
A point-in-time approach to risk management is no longer effective
Among organizations that engage third parties to provide business services, 83% identified third-party risks after conducting due diligence and before recertification, …
Extending security to fourth parties your business needs, but doesn’t control
While there is much discussion about the data security and privacy risks created by third parties, another source of risk can be significant but overlooked: that from fourth …
Moving away from spreadsheets: How to automate your third-party risk management process
Spreadsheets are dumb. Okay, it’s not that spreadsheets are dumb, or that the people who use them are dumb. That’s not at all what I’m saying. What’s dumb is using …
Six critical areas to focus on when integrating DevSecOps into an organization
The omnipresence of consumer electronics and computer power, alongside modern trends (i.e., DevOps, microservices, and open source) that accelerate deployment cycles continue …
FSI organizations are failing to assess their software for security vulnerabilities before release
More than half of organizations have experienced theft of sensitive customer data or system failure and downtime because of insecure software or technology, a Synopsys report …
Featured news
Resources
Don't miss
- PoC exploit for Ivanti Endpoint Manager vulnerabilities released (CVE-2024-13159)
- Account takeover detection: There’s no single tell
- Man vs. machine: Striking the perfect balance in threat intelligence
- Misconfig Mapper: Open-source tool to uncover security misconfigurations
- Why AI deployment requires a new level of governance