Security Experts:

long dotted


Twitter makes some changes in preparation for the upcoming midterm elections in the US, including updates to rules on fake accounts and the distribution of hacked materials [Read More]
Facebook shares more details about the massive hack affecting 50 million accounts, including the exploited bugs, impact on users, attack timeline, and impact on Facebook [Read More]
Senate Homeland Security and Governmental Affairs Committee votes to approve several cybersecurity bills, including for incident response, a diagnostics and mitigation program, cyber workforce rotation, supply chain security, and safeguarding federal information systems [Read More]
Researchers have been seeing improvements in vehicle cybersecurity – local interfaces are increasingly hardened and there are fewer critical and high-impact vulnerabilities [Read More]
Accounting firm Moss Adams has acquired cyber risk management firm AsTech Consulting to help improve the cybersecurity offerings to its clients and prospects. [Read More]
Remote administration tools (RATs) used for legitimate purposes in operational technology networks can pose a serious risk, allowing malicious actors to target industrial systems, Kaspersky warns [Read More]
Judge Amy Totenberg ruled that the state of Georgia's existing plans for the midterm elections to be conducted via Diebold AccuVote DRE touchscreen voting machines must stand. [Read More]
Symantec launches free service designed to make elections more secure by helping candidates and political organizations detect fake websites [Read More]
SecurityWeek spoke to several past and present CISOs to better understand the use of metrics to communicate with business leaders: why metrics are necessary; how they can be improved; what are the problems; and what is the prize? [Read More]
The Secureworks Security Maturity Model incorporates elements of well-known frameworks like National Institute of Standards and Technology (NIST) and ISO 27001/02 with insight from Secureworks' global threat intelligence. [Read More]

FEATURES, INSIGHTS // Risk Management

rss icon

Justin Fier's picture
Over time, holding people responsible will lead individuals to see how their actions impact the security of the organization and come to consider themselves responsible for the security of the company.
Josh Lefkowitz's picture
It is important to understand how the right intelligence can support network defense teams, fraud, physical security, M&A, insider threat, supply chain, and brand reputation teams, among others.
Alastair Paterson's picture
Although the challenge may seem insurmountable, there’s a lot that security professionals can do to mitigate insider risk.
Nick Sanna's picture
Cyber risk has risen to the level of enterprise risk – which they expect to be measured, managed, and reported in the terms that the rest of the enterprise understands.
Marie Hattar's picture
Cybersecurity teams need to adopt an adversarial mindset and understand what their enemies are capable of and prepare an appropriate response.
Torsten George's picture
Solving the security challenges healthcare providers face will fuel faster growth, enable further digital transformation, and ultimately result in enhanced patient care and data protection.
Preston Hogue's picture
Security teams should think about how company data might connect with data from other organizations or industries and how those combined data sets could be triangulated into a larger picture that ultimately puts you at risk.
Siggi Stefnisson's picture
Companies often grant access to corporate data and give access to all sorts of systems with the expectation that their business partners will have reasonable security practices in place.
Stan Engelbrecht's picture
If you know you want to improve your security operations, but don’t know where to start, here are a few steps that can help get you ready for a security orchestration, automation, and response (SOAR) platform.
Josh Lefkowitz's picture
Proper evaluation of business risk requires insight into the likelihood that a vulnerability will be exploited, and if exploited, how that vulnerability could impact the company on a macro level.