risk assessment
The benefits of cyber risk quantification in the modern cybersecurity landscape
Kovrr and SANS Institute released their joint survey that reveals enterprise motivation and impact of cyber risk quantification (CRQ) in the modern cybersecurity landscape. …
Navigating data privacy in the higher education ecosystem
The need for academic institutions to become data privacy advocates is paramount. Over the past 24 months, higher education institutions have accelerated digital …
Log4j exploitation risk is not as high as first thought, cyber MGA says
When the Log4Shell vulnerability (CVE-2021-44228) was publicly revealed in December 2021, CISA Director Jen Easterly said that it is the “most serious” vulnerability she has …
Mapping ATT&CK techniques to CVEs should make risk assessment easier
Vulnerability reporters should start using MITRE ATT&CK technique references to describe what the attacker is trying to achieve by exploiting a given CVE-numbered …
While businesses are ramping up their risk mitigation efforts, they could be doing more
Zurich North America and Advisen have released a survey of corporate risk managers and insurance buyers revealing current views about information security and cyber risk …
The first step to being cybersmart: Just start somewhere
When it comes to a subject as complex as cybersecurity, it’s easy to become a victim of decision paralysis. When company leaders and IT staff begin looking at their options …
Which technologies can help legal and compliance teams navigate a changing landscape of risk?
In this interview with Help Net Security, Zack Hutto, Director of Advisory Services at Gartner‘s Legal and Compliance Practice, talks about the challenges legal and …
How collaboration between IT pros and senior leaders could drive the future of risk mitigation
What is an acceptable level of risk for IT pros and their organizations? The answer to this question has changed in recent years, with the threat landscape shifting …
Assessing subsidiary risk a top priority for most enterprises, yet they still lack proper visibility
Most enterprises are overconfident and lack the proper visibility to manage subsidiary risk, according to an Osterman Research study. The study surveyed enterprises with more …
Protecting your company from fourth-party risk
In a world that is becoming ever more interconnected, organizations are learning firsthand that they are not only vulnerable to the adverse events that their vendors …
Ransomware and cyber insurance: What are the risks?
High-profile ransomware events, such as the Colonial Pipeline and Kaseya attacks, continue to create eye-popping headlines about how easily a cybercriminal group can cripple …
How to rethink risks with new cloud deployments
These days, technology seems to evolve at the speed of light. Infrastructures change, attack surfaces reduce and multiply and, not surprisingly, your cloud environment …
Featured news
Resources
Don't miss
- SafeLine: Open-source web application firewall (WAF)
- Securing AI’s new frontier: Visibility, governance, and mitigating compliance risks
- Veeam plugs serious holes in Service Provider Console (CVE-2024-42448, CVE-2024-42449)
- Whitepaper: 9 traits of effective cybersecurity leaders of tomorrow
- Phishers send corrupted documents to bypass email security