risk management
Risk-based vulnerability management has produced demonstrable results
Several years ago, risk-based cybersecurity was a largely untested and hotly debated topic. But the tests have since been administered and the debate largely settled: …
PCI SSC publishes PCI Secure Software Standard 1.1 and supporting program documentation
Version 1.1 of the PCI Secure Software Standard introduces the Terminal Software Module, a new security requirements module for payment software intended for deployment and …
Cybersecurity only the tip of the iceberg for third-party risk management
Most companies are missing key risks at more than one stage of the vendor risk lifecycle, yet few are expanding their TPRM programs to address these risks, according to …
Payment transaction volume using 3-D Secure protocol grows globally
RSA has published its latest quarterly fraud report, reinforcing the migration to more precise payment authentication methods and showing a notable spike in brand abuse …
Despite higher workloads, risk managers have high levels of job satisfaction
A majority of risk managers are optimistic about the profession’s outlook, with COVID-19 and economic uncertainty amplifying the need for strong organizational risk …
Cloud technology adoption gap between internal audit and other enterprise functions to narrow
Internal audit’s ongoing digital transformation will rapidly accelerate in 2021, with 22% of respondents reporting that they will implement cloud-based technology this year, …
Lack of IT-OT collaboration holding back smart factory security projects
61% of manufacturers have experienced cybersecurity incidents in their smart factories and are struggling to deploy the technology needed to effectively manage cyber risk, …
The financial impact of cybersecurity vulnerabilities on credit unions
Cybersecurity vulnerabilities among credit unions and their vendors create the potential for large financial impacts to the credit union industry, according to a Black Kite …
Risk management in the digital world: How different is it?
Managing risk arising from remote work has largely been reactive, and risk managers have had to adapt to new digital threats that weren’t necessarily as prevalent when work …
Risky business: 3 timeless approaches to reduce security risk in 2021
Since the COVID-19 pandemic drove workforces home, we’ve seen an increase in security risk across the board: from an increase in phishing and spear phishing attacks to an …
Third-party risk management programs still largely a checkbox exercise
Enterprise third-party risk management (TPRM) programs have been around for a half-decade or longer, and at this point most large organizations run one. However, many of these …
PCI SSC releases PCI Secure Software Lifecycle (SLC) Standard 1.1
The PCI Security Standards Council (PCI SSC) has published version 1.1 of the PCI Secure Software Lifecycle (SLC) Standard and its supporting program documentation. The PCI …
Featured news
Resources
Don't miss
- Deploying AI at the edge: The security trade-offs and how to manage them
- Cybercrime forums Cracked and Nulled seized, operators arrested
- SimpleHelp RMM vulnerabilities may have been exploited to breach healthcare orgs
- Zscaler CISO on balancing security and user convenience in hybrid work environments
- ExtensionHound: Open-source tool for Chrome extension DNS forensics