Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Recorded Future has released a third-party risk module for its threat intelligence platform to provide customers with a risk posture score for their existing and potential third-party suppliers. [Read More]
DHS issues an emergency directive instructing federal agencies to take measures to mitigate DNS hijacking attacks after several government domains were targeted by malicious actors. [Read More]
Security teams need a geopolitical risk understanding when helping to source new purchases, and must be ready to source and test alternatives whenever and wherever necessary. [Read More]
VLC responds to criticism over the lack of HTTPS for software updates, claiming that the security risk is not as big as some suggest. [Read More]
Cybersecurity professionals comment on the impact of the U.S. government shutdown, which is the longest in U.S. history, nearing one month. [Read More]
A newly discovered set of compromised login details contains roughly 773 million email addresses, Australian web security expert Troy Hunt reveals. [Read More]
The annual World Economic Forum (WEF) Global Risks Perception Survey this year again includes two cybersecurity risks in the top five perceived long-term (10-year) risks. [Read More]
Hackers can abuse legitimate features present in industrial controllers to hijack these devices and gain a foothold in a network, a researcher warns. [Read More]
The founder of Huawei says his company would refuse to disclose secrets about its customers and their communication networks, trying to lay to rest concerns the tech giant might spy for China. [Read More]
A recently published report from the United States Department of Defense (DoD) shows that. while it has improved its stance, it still faces challenges in managing cybersecurity. [Read More]

FEATURES, INSIGHTS // Risk Management

rss icon

Mike Fleck's picture
A small business with one running all of IT, cannot defend against cyber-attacks from the North Korean military with the same vigor as Lockheed Martin or Northrup Grumman.
Torsten George's picture
Like the NIST Cybersecurity Framework, it integrates relevant regulations (e.g., HIPAA) and standards (NIST 800-53, ISO 27001, PCI DSS) into a single overarching security framework.
Josh Lefkowitz's picture
There’s no point in having billions of data points if those data points aren’t timely, accurate, actionable, and adequately map to your intelligence objectives and requirements.
Nick Sanna's picture
Board members and senior management are likely to wave off CISO techno-speak and push to get their questions answered on their terms.
Justin Fier's picture
Over time, holding people responsible will lead individuals to see how their actions impact the security of the organization and come to consider themselves responsible for the security of the company.
Josh Lefkowitz's picture
It is important to understand how the right intelligence can support network defense teams, fraud, physical security, M&A, insider threat, supply chain, and brand reputation teams, among others.
Alastair Paterson's picture
Although the challenge may seem insurmountable, there’s a lot that security professionals can do to mitigate insider risk.
Nick Sanna's picture
Cyber risk has risen to the level of enterprise risk – which they expect to be measured, managed, and reported in the terms that the rest of the enterprise understands.
Marie Hattar's picture
Cybersecurity teams need to adopt an adversarial mindset and understand what their enemies are capable of and prepare an appropriate response.
Torsten George's picture
Solving the security challenges healthcare providers face will fuel faster growth, enable further digital transformation, and ultimately result in enhanced patient care and data protection.