risk management
Making transparency a norm in cybersecurity
The general lack of transparency around cybersecurity continues to be one of the largest factors holding back the combined ability of the public and private sector to truly …
Cybersecurity industry analysis: Another recurring vulnerability we must correct
I have spent my career finding, fixing, discussing, and breaking down software vulnerabilities, one way or another. I know that when it comes to some common security bugs, …
Maximizing a hybrid cloud approach with colocation
As a multi-tenant cloud environment, the public cloud offers companies with vast amounts of data a highly affordable option. However, it also presents a number of limitations …
Navigating the waters of maritime cybersecurity
In January 2021, new International Maritime Organization (IMO) guidelines on maritime cyber risk management went into effect. Around the same time, the U.S. government …
Why threat hunting is obsolete without context
Cybersecurity is an undisputed concern within any industry – but how are organizations and businesses using the security data and information they collect to best ensure their …
Pandemic accelerating need for insider risk management
As companies exit the pandemic, security leaders will be challenged with new data security complexities. Remote work over the past year magnified challenges that companies …
Risk-based vulnerability management has produced demonstrable results
Several years ago, risk-based cybersecurity was a largely untested and hotly debated topic. But the tests have since been administered and the debate largely settled: …
PCI SSC publishes PCI Secure Software Standard 1.1 and supporting program documentation
Version 1.1 of the PCI Secure Software Standard introduces the Terminal Software Module, a new security requirements module for payment software intended for deployment and …
Cybersecurity only the tip of the iceberg for third-party risk management
Most companies are missing key risks at more than one stage of the vendor risk lifecycle, yet few are expanding their TPRM programs to address these risks, according to …
Payment transaction volume using 3-D Secure protocol grows globally
RSA has published its latest quarterly fraud report, reinforcing the migration to more precise payment authentication methods and showing a notable spike in brand abuse …
Despite higher workloads, risk managers have high levels of job satisfaction
A majority of risk managers are optimistic about the profession’s outlook, with COVID-19 and economic uncertainty amplifying the need for strong organizational risk …
Cloud technology adoption gap between internal audit and other enterprise functions to narrow
Internal audit’s ongoing digital transformation will rapidly accelerate in 2021, with 22% of respondents reporting that they will implement cloud-based technology this year, …