Security Experts:

long dotted


Petya, the ransomware family recently discovered to encrypt entire hard disks, performs a two-phase encryption process. [Read More]
Qualys ThreatPROTECT gathers and correlates data from vulnerability scans and threat feeds to give organizations a view of their potential exposure to threats. [Read More]
Facebook has paid out more than $4.3 million since the launch of its bug bounty program, $936,000 of which in 2015 [Read More]
Google will remove and distrust a Symantec root certificate from Chrome, Android and other products [Read More]
Hackers breached the systems of anti-adblocking service PageFair and used the access to deliver malware [Read More]
Cisco has agreed to acquire privately held, UK-based Portcullis, a consultancy that provides cybersecurity services to enterprise and government sector clients. [Read More]
Cyber risk intelligence company SurfWatch Labs launched SurfWatch Cyber Risk Cloud, an offering that allows organizations to compare their “evaluated cyber event data” to other sources of intelligence. [Read More]
Please join us for an interactive webcast on April 28 to learn how to improve the resiliency of your organization's strategic risk management and business operation. [Read More]
Internet security experts have set up "Project Honey Train" with an online railway control system as bait, hoping to "get inside the heads of cyber criminals" -- but without the real-life casualties. [Read More]
Mozilla has unveiled a new, cross platform memory inspection library that can be integrated into its Mozilla InvestiGator (MIG) endpoint security system. [Read More]

FEATURES, INSIGHTS // Risk Management

rss icon

Joshua Goldfarb's picture
If you’ve centralized all of your security resources, you will have a far more difficult time handling the incident than if you’ve strategically placed security resources around the globe.
Jennifer Blatnik's picture
It is critical for business leadership to address the growing threat of ransomware as a business risk rather than a siloed IT issue.
Adam Meyer's picture
Gaining awareness of supply chain risks and addressing them in the context of broader risk management programs will put organizations in a much better position when it comes to managing their cyber risk.
Alastair Paterson's picture
Failure to secure sensitive information during the M&A process opens the door to threat actors looking to profit by exploiting financial markets and proprietary intellectual property (IP).
Joshua Goldfarb's picture
Cyber insurance, like any tool, will not solve all of an organization’s problems. But it can help an organization round out its risk mitigation strategy.
Bill Sweeney's picture
Enterprises have to worry about the surface area that is open for attack and the challenge of detecting attacks quickly when they are occurring. In every instance simplification will help.
Torsten George's picture
CISOs should pro-actively monitor their company’s risk posture and provide quantitative views of the organization’s risk posture on a semi-annual basis — at the very least.
Rafal Los's picture
Some security organizations focus their energy on day-to-day fighting of security issues while others—a significantly smaller portion—sacrifice today’s operations for the ability to plan for tomorrow.
Wade Williamson's picture
Data science and machine learning models can assess large groups of cyber threats to find the subtle traits they have in common to better protect organizations.
Torsten George's picture
Security metrics need to extend beyond quantitative factors to be able to more effectively measure and communicate the organization’s cyber risk posture as it relates to business goal.