A point-in-time approach to risk management is no longer effective
Among organizations that engage third parties to provide business services, 83% identified third-party risks after conducting due diligence and before recertification, …
cyber risk
Extending security to fourth parties your business needs, but doesn’t control
While there is much discussion about the data security and privacy risks created by third parties, another source of risk can be significant but overlooked: that from fourth …
Moving away from spreadsheets: How to automate your third-party risk management process
Spreadsheets are dumb. Okay, it’s not that spreadsheets are dumb, or that the people who use them are dumb. That’s not at all what I’m saying. What’s dumb is using …
Six critical areas to focus on when integrating DevSecOps into an organization
The omnipresence of consumer electronics and computer power, alongside modern trends (i.e., DevOps, microservices, and open source) that accelerate deployment cycles continue …
FSI organizations are failing to assess their software for security vulnerabilities before release
More than half of organizations have experienced theft of sensitive customer data or system failure and downtime because of insecure software or technology, a Synopsys report …
As attackers get more creative, mobile threats and attacks increase in both quantity and impact
It is no longer a matter of if or when an enterprise’s mobile endpoints will be compromised. They already are and most organizations have little to no knowledge or visibility …
Many companies don’t know the depth of their IoT-related risk exposure
In the digital age, cyber is everywhere. Cyber risk now permeates nearly every aspect of how we live and work. Organizations should better understand how to manage the risks …
How effective is your security operations center?
While the SOC is considered an essential or important component of business, most security professionals rate their SOC’s effectiveness as low, and 49 percent say it is not …
How to increase the efficiency of your risk and compliance management strategy
The rise of new business processes and the changing government rules and regulations around the globe are posing challenges for small and big companies alike, according to …
Most SMBs have not identified and documented cybersecurity threats
A majority of small and medium-sized businesses (SMBs) do not have cybersecurity protection at the top of their agenda and are highly prone to risks and vulnerabilities, …
