Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

AXA has entered an agreement with SecurityScorecard to have access to security ratings, which will be used to help set the premium for its insurance agreements. [Read More]
IBM adds two new features to its MaaS360 with Watson unified endpoint management (UEM) product: Business Dashboards for Apps and Policy Recommendation Engine [Read More]
Researchers discover vulnerabilities in ten WordPress plugins made by Multidots for WooCommerce e-commerce websites. WordPress disabled many of them after the developer failed to release patches [Read More]
Vulcan Cyber emerges from stealth with $4 million in seed funding and a vulnerability remediation platform [Read More]
FireEye releases GeoLogonalyzer, an open source tool that helps organizations detect malicious logins based on geolocation and other data [Read More]
CERT/CC announced this week that the CERT Tapioca network traffic/MitM analysis tool has been updated with new features and improvements [Read More]
Senator Ron Wyden instructs the U.S. Department of Defense (DoD) to implement HTTPS and other cybersecurity best practices on all its websites and web services [Read More]
U.S. Department of Energy lays out its multiyear cybersecurity plan, which includes strengthening preparedness, coordinating incident response and recovery, and accelerating RD&D [Read More]
As the adoption of open source components soars, vulnerabilities in this type of software have become increasingly common and they can pose a serious risk to applications, Synopsys study shows [Read More]
EFAIL: researchers say they’ve found ways to steal plain text from emails encrypted with OpenPGP and S/MIME, but some believe the claims are overblown [Read More]

FEATURES, INSIGHTS // Risk Management

rss icon

Josh Lefkowitz's picture
With so many intelligence teams blinded by vast amounts of data and an overwhelmingly complex threat landscape, establishing the right intelligence requirements (IRs) can be challenging.
Joshua Goldfarb's picture
There are quite a few ways in which enterprises can look to properly evaluate various Vendor Risk Management (VRM) offerings and differentiate between them.
Bradon Rogers's picture
While a contract, distributed, partner-oriented workforce and supply chain can create serious risks to your organization, careful implementation of visibility and data protection strategies can help you mitigate many of the risks.
Josh Lefkowitz's picture
Before finalizing a vendor relationship, it’s crucial to construct a response plan in preparation for any future incidents the vendor might experience.
Rafal Los's picture
If you're not careful, security becomes a hinderance and a target. Where security leaders create inflexible environments, security tends to struggle.
Steven Grossman's picture
Without an understanding of where you stand today, new security tools will result in more redundancy and gaps in protection.
Ashley Arbuckle's picture
Edna Conway, Cisco’s Chief Security Officer, Global Value Chain, discusses mitigating third-party security risk across an ecosystem that includes tens of thousands of partners located around the globe.
Josh Lefkowitz's picture
Decision advantage reinforces that the value of intelligence lies not in the intelligence itself but in the decisions it shapes and drives.
Joshua Goldfarb's picture
Those of us that spend our lives in security sometimes forget how our field looks and sounds to others.
Torsten George's picture
The Zero Trust Security model offers a very pragmatic blueprint for implementing identity and access management-based strategies to secure applications, devices, data, and infrastructure – both on-premise and in the cloud.