NEWS & INDUSTRY UPDATES

CISA warns that the BlackMatter ransomware has targeted multiple critical infrastructure entities in the United States, including organizations in the food industry.
Microsoft, Intel and Goldman Sachs will lead a new supply chain security work group at the Trusted Computing Group (TCG).
A new report shows that boardroom awareness and security budgets for third-party risk management have increased; but this is not necessarily translating into effective action.
Over two dozen nations resolved Thursday to battle collectively against the global and escalating threat posed by cyber-extortionists, following a Washington-led anti-ransomware summit.
FBI, CISA, EPA and NSA issue a joint advisory to warn organizations in the water and wastewater sector of attacks targeting IT and OT systems.
With this extension, the company raised a total of $205 million in Series D funding, at a valuation of $1.35 billion.
The Linux Foundation has secured a $10 million investment to expand the operations of the Open Source Security Foundation (OpenSSF).
Tech giants Intel and VMware joined the security patch parade this week, rolling out fixes for flaws that expose users to malicious hacker attacks.
Black Kite, a provider of third-party cyber risk rating services, has raised $22 million in a Series B funding round led by Volition Capital.
Apple has published a 30-page threat analysis report to explain why sideloading would pose serious privacy and security risks to iPhone users.

FEATURES, INSIGHTS // Risk Management

William Lin
While there still isn’t a clear industry-accepted answer to vendor risk management (VRM), there has been more interest in staying on top of and learning about the latest in this space.
Landon Winkelvoss
In addition to evaluating the core capabilities and range of intelligence monitoring, organizations must consider data source integrity, and perhaps most importantly, the level of expert analysis included with each service.
Keith Ibarguen
Far too many engineers in the trenches don’t take the time to lift their heads to see context, so when good (and bad) things happen, this is a great management opportunity that you should take full advantage of.
Landon Winkelvoss
Security and intelligence teams often lack finished intelligence, which leaves them ill-equipped to combat motivated and sophisticated adversaries.
William Lin
After every company goes through digital transformation, their threat model will change in response.
Derek Manky
As we see an increasing number of recent attacks against critical infrastructure, cybersecurity and physical security can be intrinsically linked.
Rob Fry
We are a community with grand ideas around the concept of crowdsourced threat intel (CTI), but with little history or previous successes that show CTI as a viable idea.
Landon Winkelvoss
Executive protection teams face threats from many sources including social media, telephone, email, and even in-person physical threats.
Landon Winkelvoss
Ineffective security approaches when integrating two separate organizations can lead to significant issues that could undercut the business value of a merger or acquisition.
Landon Winkelvoss
While cyber due diligence has yet to become commonplace in M&A transactions, the consequences of failing to identify risks and active campaigns can have costly implications.