In 2020, SecurityScorecard uncovered a case in which self-signed certificates caused misattributions for CDN IPs, and IPs shared by many websites. At the time, we mitigated this issue by labeling CDNs (e.g. Cloudflare, Akamai, Fastly, etc.), so that customers could easily determine if their scoring problems were related to shared IPs.

In a threat landscape where organizations outsource vital business processes that leave data security in the hands of third-party information technology, vendor risk management is increasingly important. A 2022 KPMG study found that 73% of survey respondents experienced at least one significant disruption caused by a third party over the past three years.

Modern organizations are increasing cloud adoption to reap the operational benefits of outsourcing critical business functions. A 2021 study found that 90% of surveyed organizations now use cloud computing, such as software-as-a-service (SaaS) services. SaaS solutions help organizations achieve vital objectives, such as cost reductions and faster time-to-market. However, like all other digital transformation products, they also introduce cybersecurity risks.

As malicious attackers and nation states have increasingly weaponized the cyber domain to impact private companies, the sustainability of organizations' ties to their cybersecurity is in question across all industries and sectors. There are many examples of companies going out of business as a result of a cyber attack, due to business leaders failing to wrap their arms around all the different ways that the ever evolving cyber threat landscape can impact their business.

The 2021 CrowdStrike Global Security Attitude Survey found that on average, organizations take 146 hours to discover a cybersecurity incursion, an alarming increase on the 2020 average of 117 hours. This means that an intruder could remain inside an enterprise network for more than six days before detection. Moreover, those attackers can move laterally across the network in just 92 minutes, searching for — and often finding — sensitive enterprise data or other high-value assets.

Learn how the industrial internet of things (IIoT) is changing industries around the world, and what your business can do to make sure your IIoT devices are secure. The fourth industrial revolution – industry 4.0, as some are calling it – is upon us. As digital transformation sweeps across manufacturing, production and related industries, many organizations are grappling with this new stage in the organization and control of the industrial value chain.

Operational risk is defined as the risk of a loss that results from inadequate or failed business processes, people and systems, or from external events. More simply, operational risk pertains to any uncertainty or threat your organization faces (or might face in the future) during day-to-day business activities. The risk arises from operational disruptions and is likely to result in losses or reputational damage. Some operational risk is inevitable for every organization.

Most businesses today want to deliver modern applications, products, and services to customers as efficiently as possible. This seemingly simple goal is far more complex than it sounds – particularly in the age of digital transformation.

The vendor risk management process is now an essential requirement of all cybersecurity programs. Without it, you're a sitting duck for supply chain attacks and third-party data breaches. In recognition of this, regulatory bodies are increasing their third-party risk compliance requirements and enforcing obedience by threatening heavy financial penalties for non-compliance.

Global regulations for data privacy and cybersecurity are quickly becoming more common and more stringent. That puts added pressure on organizations to manage their risks appropriately or face potentially painful consequences. In particular, organizations around the world and across industries are experiencing high demand from regulators to implement compliance risk management.