Risk Management Archives

SECURITYWEEK NETWORK:

Security Experts:

Hi, what are you looking for?

Risk Management

Cyber Insights 2023 | Supply Chain Security

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Kevin Townsend7 days ago

Risk Management

CISA Provides Resources for Securing K-12 Education System

CISA has published a report detailing the cybersecurity risks to the K-12 education system and recommendations on how to secure it.

Ionut ArghireJanuary 25, 2023

Cybersecurity’s Rising Business Importance and Why CISOs Make Great Board Members

CISO Strategy

Why CISOs Make Great Board Members

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Galina AntovaJanuary 24, 2023

Risk Management

A Change in Mindset: From a Threat-based to Risk-based Approach to Security

A threat-based approach to security often focuses on a checklist to meet industry requirements but overlooked the key component of security: reducing risk.

Marie HattarJanuary 20, 2023

Risk Management

Hack the Pentagon 3.0 Bug Bounty Program to Focus on Facility Control Systems

The Department of Defense is launching the third installment of its ‘Hack the Pentagon’ bug bounty program, which will focus on the Facility Related...

Ionut ArghireJanuary 16, 2023

Endpoint Security

Windows 7 Extended Security Updates, Windows 8.1 Reach End of Support

Today, on January 10, 2023, Windows 7 Extended Security Updates (ESU) and Windows 8.1 have reached their end of support dates.

Eduard KovacsJanuary 10, 2023

Application Security

One Year Later: Log4Shell Remediation Slow, Painful Slog

Almost exactly a year after the Log4Shell security crisis sent defenders scrambling to reduce attack surfaces, new data shows that remediation has been a...

Ryan NaraineNovember 30, 2022

Application Security

Project Zero Flags ‘Patch Gap’ Problems on Android

Vulnerability researchers at Google Project Zero are calling attention to the ongoing “patch-gap” problem in the Android ecosystem, warning that downstream vendors continue to...

Ryan NaraineNovember 28, 2022

Compliance

Digesting CISA’s Cross-Sector Cybersecurity Performance Goals

Last month, CISA released cross-sector cybersecurity performance goals (CPGs) in response to President Biden’s 2021 National Security Memorandum on improving cybersecurity for critical infrastructure control...

Gordon LawsonNovember 22, 2022

ICS/OT

US Offshore Oil and Gas Infrastructure at Significant Risk of Cyberattacks

The offshore oil and gas infrastructure faces cybersecurity risks that the Department of Interior should immediately address, the US Government Accountability Office (GAO) notes...

Ionut ArghireNovember 22, 2022

Management & Strategy

Google Making Cobalt Strike Pentesting Tool Harder to Abuse

Google has announced the release of YARA rules and a VirusTotal Collection to help detect Cobalt Strike and disrupt its malicious use.

Ionut ArghireNovember 21, 2022

Application Security

US Gov Issues Software Supply Chain Security Guidance for Customers

The Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Office of the Director of National Intelligence (ODNI) this week...

Ionut ArghireNovember 18, 2022

Application Security

Palo Alto to Acquire Israeli Software Supply Chain Startup

Cybersecurity powerhouse Palo Alto Networks on Thursday announced plans to spend $195 million in cash to acquire Israeli startup Cider Security, a deal that...

Ryan NaraineNovember 17, 2022

Application Security

US Gov Warning: Start Hunting for Iranian APTs That Exploited Log4j

The U.S. government on Wednesday issued a blunt recommendation for organizations running VMWare Horizon servers: Initiate threat-hunting activities to find and expel Iranian APT...

Ryan NaraineNovember 16, 2022

Network Security

Cyber Resilience: The New Strategy to Cope With Increased Threats

As part of last month’s Cybersecurity Awareness Month, I was traveling around the globe to provide organizations actionable tips on how to strengthen their...

Torsten GeorgeNovember 16, 2022

Application Security

Akeyless Raises $65 Million for Secrets Management Tech

Israeli early-stage startup Akeyless has banked a whopping $65 million in venture capital funding to build technology to help businesses manage credentials, certificates, keys...

Ryan NaraineNovember 16, 2022

Management & Strategy

Holiday Cybersecurity Staffing Levels a Difficult Balancing Act for Companies

The effect of reduced staffing levels doesn’t just attract more cybercriminals, it makes the outcome of attacks more severe

Kevin TownsendNovember 16, 2022

Management & Strategy

CISA Releases Decision Tree Model to Help Companies Prioritize Vulnerability Patching

The US Cybersecurity and Infrastructure Security Agency (CISA) on Thursday announced the release of a Stakeholder-Specific Vulnerability Categorization (SSVC) guide that can help organizations...

Eduard KovacsNovember 11, 2022

Page 3 of 161‹ Previous 1 234 5 6 7 Next ›Last »

SECURITYWEEK NETWORK:

Security Experts:

Risk Management

Cyber Insights 2023 | Supply Chain Security

Risk Management

CISA Provides Resources for Securing K-12 Education System

CISO Strategy

Why CISOs Make Great Board Members

Risk Management

A Change in Mindset: From a Threat-based to Risk-based Approach to Security

Risk Management

Hack the Pentagon 3.0 Bug Bounty Program to Focus on Facility Control Systems

Endpoint Security

Windows 7 Extended Security Updates, Windows 8.1 Reach End of Support

Application Security

One Year Later: Log4Shell Remediation Slow, Painful Slog

Application Security

Project Zero Flags ‘Patch Gap’ Problems on Android

Compliance

Digesting CISA’s Cross-Sector Cybersecurity Performance Goals

ICS/OT

US Offshore Oil and Gas Infrastructure at Significant Risk of Cyberattacks

Management & Strategy

Google Making Cobalt Strike Pentesting Tool Harder to Abuse

Application Security

US Gov Issues Software Supply Chain Security Guidance for Customers

Application Security

Palo Alto to Acquire Israeli Software Supply Chain Startup

Application Security

US Gov Warning: Start Hunting for Iranian APTs That Exploited Log4j

Network Security

Cyber Resilience: The New Strategy to Cope With Increased Threats

Application Security

Akeyless Raises $65 Million for Secrets Management Tech

Management & Strategy

Holiday Cybersecurity Staffing Levels a Difficult Balancing Act for Companies

Management & Strategy

CISA Releases Decision Tree Model to Help Companies Prioritize Vulnerability Patching

Featured

Cybercrime

UN Experts: North Korean Hackers Stole Record Virtual Assets

Vulnerabilities

Vulnerability Provided Access to Toyota Supplier Management Network

Ransomware

VMware Says No Evidence of Zero-Day Exploitation in ESXiArgs Ransomware Attacks

Funding/M&A

SecurityWeek Analysis: Over 450 Cybersecurity M&A Deals Announced in 2022

Cyberwarfare

US Downs Chinese Balloon Off Carolina Coast

Nation-State

Microsoft: Iran Unit Behind Charlie Hebdo Hack-and-Leak Op

Cybersecurity Funding

Cyber Insights 2023: Venture Capital

Latest News

Cybercrime

Minister: Cybercrimes Now 20% of Spain’s Registered Offenses

Funding/M&A

Skybox Security Raises $50M, Hires New CEO

Cyberwarfare

Spies, Hackers, Informants: How China Snoops on the US

Cybercrime

Australian Man Sentenced for Scam Related to Optus Hack

Vulnerabilities

Chrome 110 Patches 15 Vulnerabilities

Application Security

Application Security Protection for the Masses

Privacy

Tor Network Under DDoS Pressure for 7 Months