Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

The sixth annual survey from Smarsh on financial services communications compliance issues shows that regulatory scrutiny and compliance difficulties are increasing while resources and solutions are not. [Read More]
New report offers advice on each of the SANS critical security controls aimed specifically at providing security for SAP implementations. [Read More]
SWIFT CEO Gottfried Leibbrandt revealed a five-point plan designed to harden SWIFT transactions following the $81 million theft via the Bangladesh central bank. [Read More]
Onapsis warns that there are indicators of exploitation against 36 large-scale global enterprises around the world. [Read More]
Verizon has published its widely anticipated 2016 Data Breach Investigations Report (DBIR), compiled by Verizon with the support 67 contributing partners. [Read More]
FireEye has launched a new service designed to help organizations manage the risks associated with corporate Mergers & Acquisitions (M&A). [Read More]
In a recent survey, only 31 percent of respondents believe their vendor’s risk management program is highly effective, yet only 38 percent track the effectiveness of the vendor risk management program. [Read More]
Since no company can be secure against targeted attacks, there can be no surprise that law firms will be breached once they are targeted. [Read More]
Petya, the ransomware family recently discovered to encrypt entire hard disks, performs a two-phase encryption process. [Read More]
Qualys ThreatPROTECT gathers and correlates data from vulnerability scans and threat feeds to give organizations a view of their potential exposure to threats. [Read More]

FEATURES, INSIGHTS // Risk Management

rss icon

Alastair Paterson's picture
Sophisticated adversaries are finding vulnerabilities wherever they can, and often that means looking to an organization’s partners for weaknesses in defenses.
Torsten George's picture
By implementing these three main pillars, organizations can operationalize their cyber security practices to shorten time-to-detection and ultimately, time-to-remediation of cyber threats.
Adam Meyer's picture
With any cyber security-related capability, you need to answer the “so what” question. What does any of this intelligence mean? And does it help us achieve the desired outcome(s)?
Torsten George's picture
Relying solely on existing intelligence provided by vulnerability scanners should only be a first step in a cyber risk management process.
Ashley Arbuckle's picture
How can security professionals harness cybersecurity to help their organizations take advantage of new opportunities in order to thrive in this digital era?
Ken McAlpine's picture
Once you have an understanding of where your security risks are, you can make better choices about what types and what sources of threat intelligence are most applicable.
Alastair Paterson's picture
It's important to look at your environment through the eyes of an attacker to detect the threats and vulnerabilities relevant to your organization.
Torsten George's picture
Vulnerability assessments are often confused with penetration tests. In fact, the two terms are often used interchangeably, but they are worlds apart.
Ashley Arbuckle's picture
C-suite leaders should be thinking about cybersecurity as a strategic advantage that can set them apart from competitors.
Rafal Los's picture
While we can all agree that fundamentally security can’t succeed without knowing what we’re protecting, there are next to no good answers for how to do this.