NIST updates guidance for cybersecurity supply chain risk management
The National Institute of Standards and Technology (NIST) has updated its guidance document for helping organizations identify, assess and respond to cybersecurity risks …
procurement
MVSP: A minimum cybersecurity baseline to simplify vendor security assessment
Any organization that’s actively working on managing its cybersecurity risk can’t ignore the risk that goes with third-party vendors having access to its critical …
How a conference room speakerphone might let attackers into your company network
Several egregious vulnerabilities affecting the Stem Audio Table conference room speakerphone could be exploited by attackers to eavesdrop on what’s being discussed in …
Capital projects delayed or put on hold due to pandemic
61% of owner-operators of factories, mines, refineries and public, telecommunications and utility infrastructure organizations expect new projects to be delayed or put …
ENISA publishes procurement guidelines for cybersecurity in hospitals
The EU Agency for Cybersecurity (ENISA) published a cybersecurity procurement guide for hospitals. The hospital is a vast ecosystem comprised of an entire network of devices, …