cyber risk
CISO priorities: Implementing security from the get-go
Dr. David Brumley, CEO of ForAllSecure, a Carnegie Mellon computer science professor (on leave), and part of the team that won the DARPA Cyber Grand Challenge, was, at one …
Attackers use large-scale bots to launch attacks on social media platforms
Social media sites have become lucrative targets for criminals looking for quick monetization. More than half of logins (53%) on social media sites are fraudulent and 25% of …
Thinking network-first to protect against security threats
The challenge of securing data has seen a dramatic shift in complexity in recent years due to an increasing number of threats frequently appearing. However, this complexity …
A point-in-time approach to risk management is no longer effective
Among organizations that engage third parties to provide business services, 83% identified third-party risks after conducting due diligence and before recertification, …
Extending security to fourth parties your business needs, but doesn’t control
While there is much discussion about the data security and privacy risks created by third parties, another source of risk can be significant but overlooked: that from fourth …
Moving away from spreadsheets: How to automate your third-party risk management process
Spreadsheets are dumb. Okay, it’s not that spreadsheets are dumb, or that the people who use them are dumb. That’s not at all what I’m saying. What’s dumb is using …
Six critical areas to focus on when integrating DevSecOps into an organization
The omnipresence of consumer electronics and computer power, alongside modern trends (i.e., DevOps, microservices, and open source) that accelerate deployment cycles continue …
FSI organizations are failing to assess their software for security vulnerabilities before release
More than half of organizations have experienced theft of sensitive customer data or system failure and downtime because of insecure software or technology, a Synopsys report …
As attackers get more creative, mobile threats and attacks increase in both quantity and impact
It is no longer a matter of if or when an enterprise’s mobile endpoints will be compromised. They already are and most organizations have little to no knowledge or visibility …
Many companies don’t know the depth of their IoT-related risk exposure
In the digital age, cyber is everywhere. Cyber risk now permeates nearly every aspect of how we live and work. Organizations should better understand how to manage the risks …
How effective is your security operations center?
While the SOC is considered an essential or important component of business, most security professionals rate their SOC’s effectiveness as low, and 49 percent say it is not …
How to increase the efficiency of your risk and compliance management strategy
The rise of new business processes and the changing government rules and regulations around the globe are posing challenges for small and big companies alike, according to …