risk management
How much does cloud-based identity expand your attack surface?
We all know using a cloud-based identity provider (IdP) expands your attack surface, but just how big does that attack surface get? And can we even know for sure? As Michael …
8 cybersecurity predictions shaping the future of cyber defense
Among Gartner’s top predictions are the collapse of the cybersecurity skills gap and the reduction of employee-driven cybersecurity incidents through the adoption of …
What organizations need to know about the Digital Operational Resilience Act (DORA)
In this Help Net Security interview, Kris Lovejoy, Global Security and Resilience Leader at Kyndryl, discusses the impact of the Digital Operational Resilience Act (DORA) on …
Businesses foresee major impact from new SEC cybersecurity disclosure rules
While 98% of security professionals and executives have started working to comply with the new U.S. Securities and Exchange Commission (SEC) cybersecurity disclosure ruling, …
98% of businesses linked to breached third parties
According to the updated SEC regulations on cybersecurity incident disclosure, findings by SecurityScorecard reveal that 98% of companies are associated with a third party …
AI in cybersecurity presents a complex duality
Companies more than ever view GRC (Governance, Risk, and Compliance) as a holistic process and are taking steps toward getting a complete view of their risk environment and …
NIST CSF 2.0 released, to help all organizations, not just those in critical infrastructure
The National Institute of Standards and Technology (NIST) has updated its widely utilized Cybersecurity Framework (CSF), a key document for mitigating cybersecurity risks. The …
How to make sense of the new SEC cyber risk disclosure rules
SEC’s new cybersecurity risk management, strategy, governance, and incident disclosure rules, which require increased transparency around cybersecurity incidents, have been in …
NIS2 Directive raises stakes for security leaders
In this Help Net Security interview, Roland Palmer, VP Global Operations Center at Sumo Logic, discusses key challenges and innovations of the NIS2 Directive, aiming to …
Third-party risk management best practices and why they matter
With organizations increasingly relying on third-party vendors, upping the third-party risk management (TPRM) game has become imperative to prevent the fallout of third-party …
Without clear guidance, SEC’s new rule on incident reporting may be detrimental
The SEC has instituted a set of guidelines “requiring registrants to disclose material cybersecurity incidents they experience and to disclose on an annual basis material …
Global cyber inequity skyrockets
There has been a sharp increase in cyber inequity globally, with 90% of executives warning that urgent action is needed to address it, according to the World Economic Forum. …
Featured news
Resources
Don't miss
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests
- Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand
- Hackers pose as employers to steal crypto, login credentials
- Unknown and unsecured: The risks of poor asset visibility