Krebs on Security

DECEMBER 12, 2018

Is it fair to judge an organization’s information security posture simply by looking at its Internet-facing assets for weaknesses commonly sought after and exploited by attackers, such as outdated software or accidentally exposed data and devices? the security posture of vendor partners). How useful is such a score?

Cyber Risk 255

Cyber Risk Energy and Utilities Risk Marketing 255

CyberSecurity Insiders

APRIL 29, 2022

Here is a rundown of the benefits of an asset management software in cutting down cyber-related threats. Identify assets and their associated risks. Admins can reduce security risks associated with unidentified, forgotten, or malfunctioning IT assets when IT possessions are tracked.

Cyber Risk 122

Cyber Risk Software Risk IoT 122

Security Boulevard

MARCH 20, 2025

Third-party cybersecurity incidents are on the rise, but organizations face challenges in mitigating risks arising for the software supply chain, a survey of 200 chief information security officers (CISOs) has found.

Cyber Risk 82

Cyber Risk CISO Risk Information Security 82

Schneier on Security

NOVEMBER 9, 2018

The boundaries between research and grey data are blurring, making it more difficult to assess the risks and responsibilities associated with any data collection. Many sets of data, both research and grey, fall outside privacy regulations such as HIPAA, FERPA, and PII.

Data collection 230

Data collection Cyber Risk Risk Government 230

Security Boulevard

JANUARY 6, 2023

Risk management is the new foundation for an information security program. Risk management, coupled with necessary compliance activities to support ongoing business operations, centers upon identifying and working to mitigate risks associated with a given organization. .

Cyber Risk 72

Cyber Risk Risk Information Security 72

The Last Watchdog

DECEMBER 5, 2024

5, 2024, CyberNewswire — One Identity proudly announces it has been named a winner in the Hot Company: Privileged Access Management (PAM) category in the 12th annual Cyber Defense Awards by Cyber Defense Magazine (CDM), the industrys leading information security magazine. Alisa Viejo, Calif.,

InfoSec 130

InfoSec Cyber Risk CISO Cybersecurity 130

CyberSecurity Insiders

AUGUST 13, 2021

As the needs in cyber risk management change, so must the credentials that support them. CAP information security practitioners champion system security commensurate with organizations’ missions and risk tolerance while meeting legal and regulatory requirements. Read the Full Article.

Risk 126

Risk Artificial Intelligence Cyber Risk IoT 126

The Last Watchdog

NOVEMBER 28, 2023

But that’s not enough to assuage their anxiety and instill confidence that they’re well protected against security threats. Their top areas of concern include cybersecurity risk (58%), information security risk (53%) and compliance risk (39%). Human error is among the top causes of security breaches.

Cyber Risk 113

Cyber Risk Risk B2B Social Engineering 113

SecureWorld News

MAY 27, 2021

6 key areas where NASA's information security is failing. General Accounting Office says previous audits have identified more than two dozen information security shortfalls at NASA that still need to be implemented. Pervasive weaknesses exist in NASA IT internal controls and risk management practices.

Cyber Risk 89

Cyber Risk Risk Architecture Cyber threats 89

Security Affairs

APRIL 11, 2021

Fitch Ratings is warning that cyberattacks could pose a risk to water and sewer utilities potentially impacting their ability to repay debt. Fitch Ratings published an alert last week to warn of the “material risk” to water and sewer utilities caused by cyber attacks that could also impact their ability to repay debt.

Risk 129

Risk Cyber Risk Cyber Attacks Government 129

IT Security Guru

MARCH 28, 2023

As cyber threats increase in frequency and complexity, organizations recognize the importance of having a Chief Information Security Officer (CISO) to protect their sensitive data and infrastructure. Determine which divisions you will work with, such as legal, audit , risk, marketing, and sales.

CISO 109

CISO Information Security Cyber Risk Cyber threats 109

SC Magazine

MAY 11, 2021

Today’s columnist, Sean McDermott of RedMonocle, says that companies should use the NIST 800-53 security and privacy controls to help find cyber risk blind spots. After that, companies need to fund and then fix the security gaps. That’s how many CISOs and security leaders feel in the “find” stage. Credit: NIST.

Cyber Risk 66

Cyber Risk Risk CISO Digital transformation 66

Security Boulevard

APRIL 1, 2021

When it comes to information security and stressing the importance of cyber risk management, getting the whole company (especially the C-suite) on the same playing field becomes paramount. There’s no question that when diving into it for the first time, cyber security can be a daunting function.

Cyber Risk 137

Cyber Risk Information Security Risk 137

SecureList

DECEMBER 9, 2024

This incident serves as a stark reminder of the critical risks posed by global IT disruptions and supply chain weaknesses. This case underscores the serious risk that social engineering and supply chain attacks pose to open-source projects. However, delegating tasks also introduces new information security challenges.

Internet 113

Internet Internet Risk Social Engineering 113

Joseph Steinberg

DECEMBER 11, 2023

Veteran cybersecurity expert witness executive will help strengthen law enforcement capabilities to prevent, investigate, and prosecute information-age crimes. Steinberg has helped many organizations improve their management of cyber risk, and has assisted attorneys in achieving just compensation for parties wrongly harmed by cyberattacks.

Cybersecurity 278

Cybersecurity Artificial Intelligence CISO Information Security 278

The Last Watchdog

SEPTEMBER 4, 2024

is a subject-directed monitoring platform that provides a comprehensive 360-degree view in 3D of existential threats that impact organizations and the associated cyber risks posed by their vendors, partners, suppliers, networks, and digital assets. As cyber risks escalate, ThirdWatch? ThirdWatch? Central to ThirdWatch?

Risk 100

Risk Artificial Intelligence Cyber Risk Cyber threats 100

SecureWorld News

JANUARY 22, 2025

Lesson 3: AI Security Standards Gain insights into secure design, development, deployment, and maintenance of AI systems, with a focus on supply chain security and incident management. Meet the instructors Larry Wilson , CISSP, CISA, was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc.,

Cybersecurity 112

Cybersecurity Artificial Intelligence Cyber Risk Risk 112

CyberSecurity Insiders

MAY 3, 2023

By: Daron Hartvigsen , Managing Director, StoneTurn and Luke Tenery , Partner, StoneTurn When insider threat or insider risk is discussed in a corporate context, often the relevant topics include misconduct , fraud, misuse, or even the idea that insiders can be unwitting accomplices to social engineering exploitation.

Risk 120

Risk Cyber threats Marketing Engineering 120

The Security Ledger

OCTOBER 28, 2021

In this Spotlight edition of the podcast, we’re joined by Curtis Simpson, the Chief Information Security Officer at Armis. Curtis and I discuss the growing cyber risks posed by Internet of Things devices within enterprise networks. Curtis Simpson is the Chief Information Security Officer at Armis.

IoT 98

IoT Risk CISO Cyber Risk 98

CyberSecurity Insiders

JANUARY 24, 2022

by Great American, a powerful cyber risk management platform that combines the National Institute of Standards and Technology (NIST) driven, inside-out review of an organization’s cyber security posture with insights from continuous, external vulnerability scans and best-in-class cyber security ratings from SecurityScorecard.

Cyber Risk 52

Cyber Risk Insurance Risk Cyber Insurance 52

Centraleyes

NOVEMBER 26, 2023

Including diverse groups and minorities in risk mitigation in cyber security is not overvalued; in fact, it’s increasingly essential for cyber risk reduction. Diversity, Equity, and Inclusion (DEI) can revolutionize cyber risk mitigation techniques by bringing unique perspectives and strengths to the field.

Cyber Risk 52

Cyber Risk Risk Cybersecurity Cyber threats 52

The Last Watchdog

JANUARY 9, 2023

A Data Privacy Impact Assessment, or DPIA , is a formal assessment of the privacy risks of your data processing activities. The purpose of conducting a DPIA is to identify and assess the potential impact of these risks on individuals’ rights and freedoms from your proposed processing operations. DPIA starting point.

Data privacy 210

Data privacy Small Business Data collection Cyber Risk 210

Security Boulevard

MARCH 7, 2025

Check out best practices for shoring up data security and reducing cyber risk. And get the latest on cyber scams; zero-day vulnerabilities; and critical infrastructure security. 1 - CSA: How to boost data security and reduce cyber risk Risk assessment gaps. Siloed cyber tools.

Cybersecurity 64

Cybersecurity Scams CSO Risk 64

The Security Ledger

SEPTEMBER 11, 2019

Third party cyber risk is growing. In this Spotlight Podcast, a companion to our new eBook, Rethinking Third Party Cyber Risk Management, we go deep on the topic of building a mature third party cyber risk program with Dave Stapleton the Director of Assessment. Third party cyber risk is growing.

Cyber Risk 40

Cyber Risk Risk Data privacy Insurance 40

Security Affairs

OCTOBER 13, 2024

Wiretap Systems Targeted in China-Linked Hack Hacker attack disrupts Russian state media on Putin’s birthday Awaken Likho is awake: new techniques of an APT group Mind the (air) gap: GoldenJackal gooses government guardrails Contagious Interview: DPRK Threat Actors Lure Tech Industry Job Seekers to Install New Variants of BeaverTail and InvisibleFerret (..)

Data breaches 117

Data breaches Cryptocurrency Cybercrime Artificial Intelligence 117

Security Affairs

APRIL 22, 2022

This shift to digital technology has created a new class of digital risks that are constantly evolving and strike faster and often with more severity than traditional risks. Our reliance on digital technology and the inherited risk is a key driving factor for buying cyber risk insurance.

Cyber Insurance 100

Cyber Insurance Insurance Risk Technology 100

Threatpost

DECEMBER 24, 2019

Cyber-disclosure statements noting how long a company can go without a breach can help customers understand the reality of cyber-incidents and their exposure to loss.

Cyber Risk 54

Cyber Risk Risk Data breaches InfoSec 54

SecureWorld News

APRIL 13, 2025

It helps identify anomalies and potential third-party risks in real-time. Natural language processing (NLP): NLP allows AI to analyze and interpret human language, making it useful for scanning security logs, analyzing threat reports, and detecting suspicious activities in emails or messages.

Cybersecurity 98

Cybersecurity Artificial Intelligence Threat Detection Cyber threats 98

The Security Ledger

AUGUST 20, 2019

Related Stories Episode 155: Disinformation is a Cyber Weapon and APTs warm to Mobile Malware Podcast Episode 117: Insurance Industry Confronts Silent Cyber Risk, Converged Threats NotPetya Horror Story Highlights Need for Holistic Security. Read Security Ledger coverage of NotPetya here.

Insurance 40

Insurance Cyber Risk Risk Cyber Insurance 40

Duo's Security Blog

OCTOBER 18, 2021

We need to work with many different teammates on campus — risk management, legal, compliance and institutional review boards, to name a few — to effectively manage cybersecurity risk across our communities. They see the investment in MFA as critical to a campus cybersecurity program and managing risk for a campus.

Insurance 97

Insurance Education Risk Cyber Insurance 97

CSO Magazine

NOVEMBER 30, 2022

Ransomware and data breaches pose a massive risk to organizations, resulting in loss of customer trust and shareholder value, reputation damage, hefty fines, and penalties. Cyber risk is a top concern in US corporate boardrooms, elevating the role of the chief information security officer to rapid prominence.

CISO 88

CISO Cyber Risk Data breaches Information Security 88

Centraleyes

SEPTEMBER 1, 2024

In a world full of uncertainties, how do you keep your business risks in check? Today, we’re exploring risk register templates and how they can supercharge your risk management strategy. What is a Risk Register? First things first, let’s define what a risk register is. Why Use a Risk Register Template?

Risk 52

Risk Cyber Risk DDOS Data breaches 52

The Security Ledger

MAY 3, 2022

The post Feel Good Ukraine Tractor Story Highlights Ag Cyber Risk appeared first on The Security Ledger with Paul F. Related Stories DEF CON: Security Holes in Deere, Case IH Shine Spotlight on Agriculture Cyber Risk Episode 235: Justine Bone of MedSec on Healthcare Insecurity Episode 234: Rep.

Cyber Risk 40

Cyber Risk Risk Cyber Attacks Manufacturing 40

CyberSecurity Insiders

MARCH 23, 2022

This new era of attacks demonstrate that the cyber landscape will never be the same. Cyber and information security is at the top of the list of planned investments for CIOs in 2022, with 66% reporting they expect to increase associated investments. How are businesses responding? But where do you begin?

Cyber Risk 119

Cyber Risk Risk Ransomware Technology 119

Security Boulevard

SEPTEMBER 9, 2022

As digital initiatives and supply chains extend attack surfaces and increase exposure, modern organizations face unprecedented security challenges. But hiring a full-time chief information security officer (CISO) is not always possible for organizations – nor is it always needed. Objective. SilverSky can help.

Information Security 59

Information Security CISO Risk Cybersecurity 59

Security Boulevard

MAY 26, 2025

In this post, we look at a few of the highlights, focusing on the work of three Tenable thought leaders: information security engineer Arnie Cabral, CSO Robert Huber and CIO Patricia Grant. Read all of Roberts post: Turn to Exposure Management to Prioritize Risks Based on Business Impact.

CSO 52

CSO Risk Cyber Risk Engineering 52

Centraleyes

DECEMBER 11, 2024

To comply with IATA Cyber Security Regulations, organizations need to take specific steps that align with the frameworks principles and best practices. These include: Cybersecurity Risk Assessment: Organizations must perform a comprehensive risk assessment to identify potential vulnerabilities in their operations.

Risk 52

Risk Cybersecurity Penetration Testing Digital transformation 52