The idea behind “SPoF,” or “Single Point of Failure,” is that if one part of a system fails, then the entire system fails. It’s not desirable. In IT and security circles, if a system or application can be disrupted or degraded severely by the failure of just one component or subcomponent, then we usually deem the design to have a flaw.
As we look towards 2023, it is important to gain insight from top cybersecurity experts on the emerging threats and trends in the field. In this interview series, we spoke with four leading CISOs in order to gain their perspective on the threats, trends, and their personal goals as CISOs in 2023. Meet our panel of distinguished CISOs who will impart their foresight and guidance on the future of cybersecurity in 2023.
Having effective enterprise cybersecurity is more than having your employees create a password that isn’t their pet’s name—unless perhaps their cat’s name is at least 12 characters long, and a combination of upper- and lower-case letters and symbols. Whether it’s well-researched spearphishing attempts or bypassing MFA, threat actors have only become more daring.
SecurityScorecard has been in Davos, Switzerland for the past week with heads of state, CEOs, and other global leaders as part of the 2023 World Economic Forum’s Annual Meeting. Along with climate change, sustainability, and geopolitical complexities, cybersecurity is one of the hottest topics of WEF’s official programming and the myriad private events that are part of the Davos annual experience.
The Fourth Industrial Revolution, with its accelerating pace of digitization and automation, means that organizations are becoming more dependent on data processing and connectivity to deliver value to their customers and stakeholders. Threat actors exploit this growing attack surface to achieve their aims: fraud, extortion, harassment, espionage, and other harms. They are smart, adaptive, and ruthless—and getting rich as a result.
Two years ago, Kovrr took a unique approach to cyber risk modeling of financial quantification (FQ) and expanded to the enterprise market. After a long time of quantifying risks of portfolios for global insurers and reinsurers, Kovrr was able to build expertise around quantifying risk with specific expertise in acquiring high-quality data to feed our models and fast time to value using automation.
Whether or not you believe in omens and superstition , Friday the 13th is a day of infamy. To celebrate—if that’s a thing—let’s look at some creepy cyber incidents that will have your skin crawling in good old Friday the 13th fashion.
Third party risk assessment is the process of evaluating and managing the risks associated with engaging third parties. It involves identifying, assessing, and mitigating potential risks that could arise from working with external vendors or partners. The goal of this type of assessment is to ensure that any risks posed by these relationships are minimized or eliminated altogether.
During the last week of December, a threat actor who goes by the name “Ryushi”, claimed to be selling public and private data of 400 million Twitter users, which was scrapped in 2021, using an API vulnerability which was fixed by Twitter in 2022. Since then, Ireland’s Data Protection Commission (DPC) notified that it "will examine Twitter's compliance with data-protection law in relation to that security issue".
