article thumbnail

On Risk-Based Authentication

Schneier on Security

A Study on Usability and Security Perceptions of Risk-based Authentication “: Abstract : Risk-based Authentication (RBA) is an adaptive security measure to strengthen password-based authentication. I’ve blogged about risk-based authentication before.

article thumbnail

Existential Risk and the Fermi Paradox

Schneier on Security

The risks we face today are existential in a way they never have been before. Uncategorized complexity risks security analysisWe know that complexity is the worst enemy of security, because it makes attack easier and defense harder.

Risk 214
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

The risks of 5G security

Tech Republic Security

The post The risks of 5G security appeared first on TechRepublic. Unless you've been living under a rock for the past decade, you’ve probably heard of 5G telecommunications. But what is it? 5G Security 5g 5g security

article thumbnail

COVID-19 Risks of Flying

Schneier on Security

This is all a prelude to saying that I have been paying a lot of attention to the COVID-related risks of flying. I think that most of the risk is pre-flight, in the airport: crowds at the security checkpoints, gates, and so on. airtravel covid19 riskassessment risksI fly a lot.

Risk 283
article thumbnail

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

Join us as we discuss the various tangents of data and the change management process that will help you make better risk-based business decisions to save time and money for your organization.

article thumbnail

AI Security Risk Assessment Tool

Schneier on Security

Uncategorized artificial intelligence automation machine learning risk assessmentMicrosoft researchers just released an open-source automation tool for security testing AI systems: “ Counterfit.” ” Details on their blog.

Risk 255
article thumbnail

The Legal Risks of Security Research

Schneier on Security

Sunoo Park and Kendra Albert have published “ A Researcher’s Guide to Some Legal Risks of Security Research.” Our Guide gives the most comprehensive presentation to date of this landscape of legal risks, with an eye to both legal and technical nuance.

Risk 251
article thumbnail

The risks of edge computing

Tech Republic Security

Edge computing opens organizations up to some security risks, but they can be mitigated with the proper planning. The post The risks of edge computing appeared first on TechRepublic. Edge Security edge computing edge computing risks

Risk 113
article thumbnail

Risks of Evidentiary Software

Schneier on Security

Over at Lawfare, Susan Landau has an excellent essay on the risks posed by software used to collect evidence (a Breathalyzer is probably the most obvious example).

Software 259
article thumbnail

Risks of Password Managers

Schneier on Security

Stuart Schechter writes about the security risks of using a password manager. My particular choices about security and risk is to only store passwords on my computer -- not on my phone -- and not to put anything in the cloud. In my way of thinking, that reduces the risks of a password manager considerably. passwordsafe passwords riskassessment risks

article thumbnail

Security Risks of Chatbots

Schneier on Security

Good essay on the security risks -- to democratic discourse -- of chatbots. lies nationalsecuritypolicy propaganda risks

Risk 172
article thumbnail

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

In this webinar, Ronald Eddings, Cybersecurity Expert, will outline the relationship between SaaS apps and IT & security teams, along with several actionable solutions to overcome the new difficulties facing your organization.

article thumbnail

Cyber Risk Quantification: Metrics and Business Objectives

Security Boulevard

Risk management is the new foundation for an information security program. Risk management, coupled with necessary compliance activities to support ongoing business operations, centers upon identifying and working to mitigate risks associated with a given organization. .

article thumbnail

Third-Party Risk Management Efforts Remain Lackluster

Security Boulevard

The post Third-Party Risk Management Efforts Remain Lackluster appeared first on Security Boulevard.

Risk 83
article thumbnail

Undersea Cables and Cyber Physical Risks.

Cisco CSR

Often security researchers and security teams focus on threats to software and the risks associated with authenticating and managing users. However, this risks saturating the remaining infrastructure and adversely affecting the quality of connections. .

Risk 114
article thumbnail

Major US Lending Company Chooses DTEX to Mitigate Insider Risk

Security Boulevard

Insider risk is fast becoming a top priority for many enterprise organizations, particularly those in critical infrastructure industries. At a time when employee turnover is skyrocketing, companies must remain vigilant about indicators of potential insider risk.

Risk 63
article thumbnail

What is Cyber Risk?

Security Boulevard

The post What is Cyber Risk? The post What is Cyber Risk? CISO Suite Governance, Risk & Compliance Security Bloggers Network Cybersecurity Other risk managementThe discouraging numbers continue to grow as the latest high-profile breaches make headlines.

article thumbnail

Security risk assessment checklist

Tech Republic Security

The post Security risk assessment checklist appeared first on TechRepublic. Organizations, regardless of size, face ever-increasing information technology and data security threats. Everything from physical sites to data, applications, networks and systems are under attack.

Risk 78
article thumbnail

What is Cybersecurity Risk Management?

eSecurity Planet

Risk management is a concept that has been around as long as companies have had assets to protect. This article looks at cybersecurity risk management, how to establish a risk management system, and best practices for building resilience. What is Cybersecurity Risk Management?

Risk 92
article thumbnail

Managing Cyber Risk with Cyber Risk Quantification

Security Boulevard

Articles related to cyber risk quantification, cyber risk management, and cyber resilience. The post Managing Cyber Risk with Cyber Risk Quantification appeared first on Security Boulevard.

article thumbnail

Are Cyber Attacks at Risk of Becoming 'Uninsurable'?

Lohrman on Security

There are dark clouds on the horizon as well as conflicting forecasts regarding cyber insurance in 2023 and beyond. Where will the insurance market go from here on cybersecurity coverage

Insurance 200
article thumbnail

Risk Management Programs for the Post-COVID Environment

Security Boulevard

After a year spent managing increased business risks—including security, IT resiliency and cybersecurity concerns—business leaders need to adjust their mindset when it pertains to risk management and avoid the more traditional approach to crisis management and business continuity planning.

Risk 112
article thumbnail

Open source code for commercial software applications is ubiquitous, but so is the risk

Tech Republic Security

A new study looks at the open source community’s efforts to “credit-rate” the risk. The post Open source code for commercial software applications is ubiquitous, but so is the risk appeared first on TechRepublic.

Software 136
article thumbnail

How to Create an Effective Compliance Risk Management Strategy

Security Boulevard

Learn more how to implement effective risk management and creating the right strategy for your business. The post How to Create an Effective Compliance Risk Management Strategy appeared first on Scytale.

Risk 83
article thumbnail

Managing Cybersecurity Risk in M&A

Cisco CSR

As Technology Audit Director at Cisco, Jacob Bolotin focuses on assessing Cisco’s technology, business, and strategic risk. Risk Management and Formula One. Risk management, assessment, and assurance are vital to establishing this confidence.

Risk 114
article thumbnail

National Security Risks of Late-Stage Capitalism

Schneier on Security

The company outsourced much of its software engineering to cheaper programmers overseas, even though that typically increases the risk of security vulnerabilities. In other words, the risk of a cyberattack can be transferred to the customers.

Risk 283
article thumbnail

Software supply chains at risk: The account takeover threat

Tech Republic Security

The post Software supply chains at risk: The account takeover threat appeared first on TechRepublic. Developer Security account takeover cyberespionage risk supply chain

article thumbnail

Qualys QSC Wrap-Up: Risk and Simplicity

Security Boulevard

Also, striking a balance between security and people, process and technology versus the risk/reward was something that both security leaders and business leaders need to confront and deal with every day. The post Qualys QSC Wrap-Up: Risk and Simplicity appeared first on Security Boulevard.

Risk 83
article thumbnail

Security Risks of Client-Side Scanning

Schneier on Security

I’m part of a group of cryptographers that has just published a paper discussing the security risks of such a system. (It’s Even before Apple made its announcement , law enforcement shifted their battle for backdoors to client-side scanning.

Risk 248
article thumbnail

The Ultimate Guide to Enterprise Risk Management

Security Boulevard

Enterprise risk management is a nebulous, hard-to-define topic area. It encompasses a large variety of risks and procedures. The post <strong>The Ultimate Guide to Enterprise Risk Management</strong> appeared first on Hyperproof.

Risk 56
article thumbnail

Managing Asset Risks During Healthcare M&As

Security Affairs

How healthcare delivery organizations (HDOs) can manage the IT asset risks during a healthcare M&A process. And with new assets come new risks. An M&A should be a time for organizational improvement, not increased cyber security risks.

article thumbnail

The NSA on the Risks of Exposing Location Data

Schneier on Security

The NSA has issued an advisory on the risks of location data. Mitigations reduce, but do not eliminate, location tracking risks in mobile devices. Users should be aware of these risks and take action based on their specific situation and risk tolerance.

Risk 218
article thumbnail

Measuring Security Risk vs. Success

Security Boulevard

Oftentimes, how organizations measure risk determines how they will prioritize investments. The post Measuring Security Risk vs. Success appeared first on Security Boulevard.

Risk 107
article thumbnail

Cloud computing concentration and systemic risk

Security Boulevard

The post Cloud computing concentration and systemic risk appeared first on Security Boulevard. Cloud Security Security Bloggers Network Best Practices Cloud cloud computing CSO systemic risk

Risk 108
article thumbnail

Top 6 security risks associated with industrial IoT

Tech Republic Security

Industrial IoT is gaining adoption, but this comes with some security risks. The post Top 6 security risks associated with industrial IoT appeared first on TechRepublic. Check out the dangers and how you can avoid them.

IoT 159
article thumbnail

IT Risk Management: How to Get Started with Risk Frameworks

Security Boulevard

How do you select an IT risk management framework? This article outlines how different risk management frameworks work, what types of teams they’re made for, and other key differentiators between them.

Risk 52
article thumbnail

5 Fraud Risk Management Principles & Assessment Strategies

Security Boulevard

Learn about 5 key fraud risk management strategies to protect your business from the financial, material, & reputational risks associated with fraud. The post 5 Fraud Risk Management Principles & Assessment Strategies appeared first on Security Boulevard. Security Bloggers Network Threats & Breaches bot management Fraud Fraud Protection Fraud risk management online fraud Threat Research

Risk 43
article thumbnail

Perceptions of Insider Risk 2021

Security Boulevard

Insider Risk Summit This week at the Insider Risk Summit, industry experts shared their thoughts on how to mitigate insider risks with discussions about. The post Perceptions of Insider Risk 2021 appeared first on Security Boulevard.

Risk 100
article thumbnail

Overcoming Risk-Based Vulnerability Management (RBVM) Challenges

Security Boulevard

You clearly see that a risk-based vulnerability management (RBVM) approach is the only reasonable way to address the tsunami of vulnerabilities your organization encounters and provide the context needed for risk-based remediation decisions.

Risk 97
article thumbnail

Minimizing security risks: Best practices for success

Tech Republic Security

To reduce security threats within your organization, you must prioritize security risk management. The post Minimizing security risks: Best practices for success appeared first on TechRepublic.

Risk 161
article thumbnail

Why You Need a Third-Party Risk Management (TPRM) Program

Security Boulevard

The post Why You Need a Third-Party Risk Management (TPRM) Program appeared first on Security Boulevard. Cybersecurity Governance, Risk & Compliance Incident Response Security Boulevard (Original) Spotlight 3rd-Party Risk Management NIST risk TPRM TPRM Framework

Risk 82
article thumbnail

Cyber Risk Quantification Drives Cyber Risk Awareness for Security AND Business Leaders

Security Boulevard

Strategic planning is essential to driving down risk, and traditional reporting methods like heat maps and stoplight reports no longer meet the growing needs of most cybersecurity programs. . Security Bloggers Network Threats & Breaches cyber attacks Cyber Risk Quantification cyber-risk

article thumbnail

What is Third-Party Risk?

Security Boulevard

As if managing your own risk profile isn’t challenging enough today, your organization must concern itself with how. The post What is Third-Party Risk? The post What is Third-Party Risk?

Risk 86