Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Physical layer-based asset risk management provider Sepio has raised $22 million in a Series B funding round led by U.S. Venture Partners. [Read More]
The White House has added the chemical sector to its ICS Cybersecurity Initiative, after electric, pipeline and water. [Read More]
The Federal Trade Commission has announced a set of actions against online alcohol marketplace Drizly and its CEO, James Cory Rellas, over improper data security practices. [Read More]
The TSA has issued new cybersecurity requirements for freight and passenger rail operators. [Read More]
SafeBreach warns of a new PowerShell backdoor that pretends to be part of the Windows update process. [Read More]
California startup Bolster banks early-stage venture capital funding to build a fraud prevention platform for businesses. [Read More]
European venture capital and private equity firm Smartfin has acquired Hex-Rays, the company behind the widely deployed IDA Pro software disassembler. [Read More]
Microsoft releases patches to address more than 90 security defects affecting products in the Windows ecosystem but there's no fix yet for a pair of exploited Exchange Server bugs. [Read More]
A new Silicon Valley startup called Endor Labs has closed a $25 million seed-stage funding round to build a dependency lifecycle management platform to secure software supply chain. [Read More]
Threat modeling firm IriusRisk has raised $29 million in a Series B funding round led by Paladin Capital Group. [Read More]

FEATURES, INSIGHTS // Risk Management

rss icon

Laurence Pitt's picture
There are areas where governments can learn from the private sector and vice-versa, which will help both sides adapt more quickly and effectively to a continuously evolving threat environment.
Torsten George's picture
Schools should take measures to identify and secure sensitive data, keep devices up-to-date, and ensure that their endpoint security controls are working.
Gordon Lawson's picture
The rise of social engineering tactics as well as risks associated with embedded vulnerabilities in contractor networks makes keeping this technology confidential and out of the hands of adversaries increasingly difficult.
Torsten George's picture
Cyber resiliency measures (i.e., architectural design, technologies, operational practices) assume that today’s threat actors can achieve a foothold in an organization’s infrastructure and in turn post-exploit activities must be contained and eliminated.
Landon Winkelvoss's picture
The security industry must commit to a risk-based approach that understands the specific attacks and actors targeting their industry and profile.
Marie Hattar's picture
It is a good idea to assume that your network has already been breached, even if no overtly malicious notifications have surfaced.
Marc Solomon's picture
You risk limiting the value you can derive from your next security investment without first thinking about your top use cases and the capabilities needed to address them.
Torsten George's picture
While it might be overwhelming to look at the critical threats on the horizon you need to prepare for, focusing on these predictions for 2022 will help you strengthen your security posture and minimize your organization’s risk exposure.
Torsten George's picture
Before the next Cybersecurity Awareness Month comes along, companies across all industries should consider moving to a Zero Trust approach, powered by additional security measures such as MFA and endpoint resilience.
William Lin's picture
While there still isn’t a clear industry-accepted answer to Vendor risk management (VRM), there has been more interest in staying on top of and learning about the latest in this space.