risk assessment
Canada launches breach risk self-assessment online tool
Privacy Commissioner of Canada Philippe Dufresne has launched a new online tool that will help businesses and federal institutions that experience a privacy breach to assess …
How to choose secure, verifiable technologies?
The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has published a guidance document titled Choosing Secure and Verifiable Technologies, …
Treat AI like a human: Redefining cybersecurity
In this Help Net Security interview, Doug Kersten, CISO of Appfire, explains how treating AI like a human can change the way cybersecurity professionals use AI tools. He …
6 key elements for building a healthcare cybersecurity response plan
Medical practices remain vulnerable to cyberattacks, with over a third unable to cite a cybersecurity incident response plan, according to Software Advice. This gap exposes …
The future of cyber insurance: Meeting the demand for non-attack coverage
In this Help Net Security interview, Michael Daum, Head of Global Cyber Claims for Allianz Commercial, discusses the significant rise in cyber claims in 2024, driven by an …
Unclear pricing for GRC tools creates market confusion
Due to widely varying government, risk, and compliance (GRC) tool pricing, enterprise risk management (ERM) leaders must understand four different pricing-tier categories of …
Leveraging dynamic configuration for seamless and compliant software changes
In this Help Net Security interview, Konrad Niemiec, CEO and Founder of Lekko, discusses the benefits of dynamic configuration in preventing system outages and enabling faster …
OWASP dep-scan: Open-source security and risk audit tool
OWASP dep-scan is an open-source security and risk assessment tool that leverages information on vulnerabilities, advisories, and licensing restrictions for project …
Key questions to ask when tailoring defensive stacks
In this Help Net Security video, Scott Small, Director of Cyber Threat Intelligence at Tidal Cyber, outlines the questions you need to ask your security team when tailoring a …
How to optimize your bug bounty programs
In this Help Net Security interview, Roy Davis, Manager – Vulnerability Management & Bug Bounty at Zoom, discusses the role bug bounty programs play in identifying …
How Google’s 90-day TLS certificate validity proposal will affect enterprises
Announced last year, Google’s proposal to reduce the lifespan of TLS (transport layer security) certificates from 13 months to 90 days could be implemented in the near future. …
Why cyber maturity assessment should become standard practice
Understanding risk is one thing, but how do you know if your organization has what it takes to withstand those risks being realized? Establishing cyber maturity can help …