risk management
How to optimize your bug bounty programs
In this Help Net Security interview, Roy Davis, Manager – Vulnerability Management & Bug Bounty at Zoom, discusses the role bug bounty programs play in identifying …
Defining a holistic GRC strategy
End-user spending on security and risk management will total $215 billion in 2024, according to Gartner. In this Help Net Security video, Nicholas Kathmann, CISO at LogicGate, …
How much does cloud-based identity expand your attack surface?
We all know using a cloud-based identity provider (IdP) expands your attack surface, but just how big does that attack surface get? And can we even know for sure? As Michael …
8 cybersecurity predictions shaping the future of cyber defense
Among Gartner’s top predictions are the collapse of the cybersecurity skills gap and the reduction of employee-driven cybersecurity incidents through the adoption of …
What organizations need to know about the Digital Operational Resilience Act (DORA)
In this Help Net Security interview, Kris Lovejoy, Global Security and Resilience Leader at Kyndryl, discusses the impact of the Digital Operational Resilience Act (DORA) on …
Businesses foresee major impact from new SEC cybersecurity disclosure rules
While 98% of security professionals and executives have started working to comply with the new U.S. Securities and Exchange Commission (SEC) cybersecurity disclosure ruling, …
98% of businesses linked to breached third parties
According to the updated SEC regulations on cybersecurity incident disclosure, findings by SecurityScorecard reveal that 98% of companies are associated with a third party …
AI in cybersecurity presents a complex duality
Companies more than ever view GRC (Governance, Risk, and Compliance) as a holistic process and are taking steps toward getting a complete view of their risk environment and …
NIST CSF 2.0 released, to help all organizations, not just those in critical infrastructure
The National Institute of Standards and Technology (NIST) has updated its widely utilized Cybersecurity Framework (CSF), a key document for mitigating cybersecurity risks. The …
How to make sense of the new SEC cyber risk disclosure rules
SEC’s new cybersecurity risk management, strategy, governance, and incident disclosure rules, which require increased transparency around cybersecurity incidents, have been in …
NIS2 Directive raises stakes for security leaders
In this Help Net Security interview, Roland Palmer, VP Global Operations Center at Sumo Logic, discusses key challenges and innovations of the NIS2 Directive, aiming to …
Third-party risk management best practices and why they matter
With organizations increasingly relying on third-party vendors, upping the third-party risk management (TPRM) game has become imperative to prevent the fallout of third-party …