Why chasing risk assessments will have you chasing your tail
Third-party risk assessments are often described as time-consuming, repetitive, overwhelming, and outdated. Think about it: organizations, on average, have over 5,000 third …
risk assessment
How to set up a powerful insider threat program
Security spend continues to focus on external threats despite threats often coming from within the organization. A recent Imperva report (by Forrester Research) found only 18 …
The changing role of the CCO: Champion of innovation and business continuity
In this interview with Help Net Security, Simon Winchester, VP Worldwide Advanced Technologies at Jumio, talks about the changing role of the chief compliance officer (CCO) …
The benefits of cyber risk quantification in the modern cybersecurity landscape
Kovrr and SANS Institute released their joint survey that reveals enterprise motivation and impact of cyber risk quantification (CRQ) in the modern cybersecurity landscape. …
Navigating data privacy in the higher education ecosystem
The need for academic institutions to become data privacy advocates is paramount. Over the past 24 months, higher education institutions have accelerated digital …
Log4j exploitation risk is not as high as first thought, cyber MGA says
When the Log4Shell vulnerability (CVE-2021-44228) was publicly revealed in December 2021, CISA Director Jen Easterly said that it is the “most serious” vulnerability she has …
Mapping ATT&CK techniques to CVEs should make risk assessment easier
Vulnerability reporters should start using MITRE ATT&CK technique references to describe what the attacker is trying to achieve by exploiting a given CVE-numbered …
While businesses are ramping up their risk mitigation efforts, they could be doing more
Zurich North America and Advisen have released a survey of corporate risk managers and insurance buyers revealing current views about information security and cyber risk …
The first step to being cybersmart: Just start somewhere
When it comes to a subject as complex as cybersecurity, it’s easy to become a victim of decision paralysis. When company leaders and IT staff begin looking at their options …
Which technologies can help legal and compliance teams navigate a changing landscape of risk?
In this interview with Help Net Security, Zack Hutto, Director of Advisory Services at Gartner‘s Legal and Compliance Practice, talks about the challenges legal and …
How collaboration between IT pros and senior leaders could drive the future of risk mitigation
What is an acceptable level of risk for IT pros and their organizations? The answer to this question has changed in recent years, with the threat landscape shifting …
Assessing subsidiary risk a top priority for most enterprises, yet they still lack proper visibility
Most enterprises are overconfident and lack the proper visibility to manage subsidiary risk, according to an Osterman Research study. The study surveyed enterprises with more …