Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

upguard

Securing Vendor Risk Management Onboarding in 2024

Jun 6, 2024 By Edward Kost In UpGuard
Onboarding is perhaps the most precarious phase of the Vendor Risk Management process. A single oversight could expose your organization to dangerous third-party security risks, increasing your chances of suffering a data breach. This post explains how to bolster the most vulnerable access points of the vendor onboarding process to help you securely scale your VRM program.
Read Post
upguard

A Guide to Vendor Risk Management Reporting in 2024

Jun 6, 2024 By Edward Kost In UpGuard
Vendor Risk Management encompasses a wide range of cybersecurity risk factors. As such, a VRM report design could range from highly detailed to concise, depending on the specific reporting requirements of stakeholders and the board. This list represents the most comprehensive scope of third-party risk management information to fit the broadest range of VRM reporting use cases.
Read Post
Featured Post
cultureai

Generative AI: Productivity Dream or Security Nightmare

Jun 5, 2024 By Frederick Coulton, Head of Product In CultureAI
The field of AI has been around for decades, but its current surge is rewriting the rules at an accelerated rate. Fuelled by increased computational power and data availability, this AI boom brings with it opportunities and challenges. AI tools fuel innovation and growth by enabling businesses to analyse data, improve customer experiences, automate processes, and innovate products - at speed. Yet, as AI becomes more commonplace, concerns about misinformation and misuse arise. With businesses relying more on AI, the risk of unintentional data leaks by employees also goes up.
Read Post
cultureai

Deepfakes: The Next Frontier in Digital Deception?

Jun 5, 2024 By John Scott In CultureAI
Machine learning (ML) and AI tools raise concerns over mis- and disinformation. These technologies can ‘hallucinate’ or create text and images that seem convincing but may be completely detached from reality. This may cause people to unknowingly share misinformation about events that never occurred, fundamentally altering the landscape of online trust. Worse – these systems can be weaponised by cyber criminals and other bad actors to share disinformation, using deepfakes to deceive.
Read Post
bitsight

7 Types of exposures to manage beyond CVEs

Jun 5, 2024 By Vanessa Jankowski In BitSight
As cybersecurity leaders try to get ahead of threats to their organization, they're increasingly seeking ways to get off the hamster wheel of chasing countless CVEs (common vulnerabilities and exposures). The brass ring that most CISOs reach for today is prioritization of exposures in their infrastructure (and beyond), so their teams can focus on tackling the ones that present the greatest risk. In some cases, the highest priority exposures will still be critical CVEs on mission critical assets.
Read Post
upguard

Ultimate Guide to Vendor Risk Scoring

Jun 5, 2024 By Kyle Chin In UpGuard
Vendor risk scoring is a critical component within vendor risk management (VRM) or third-party risk management (TPRM) programs and an organization’s overall risk management strategy. Risk scoring is an integral tool in the risk assessment process, helping organizations identify, evaluate, and mitigate potential risks associated with third-party vendors or service providers.
Read Post
upguard

UpGuard Summit May 2024 Recap: Automated TPRM

Jun 5, 2024 By Nicholas Sollitto In UpGuard
The second UpGuard Summit of 2024 kicked off at the end of May, welcoming security professionals from APAC, EMEA, India, and the U.S. to discuss key developments and strategies across the cybersecurity industry. This quarter’s event focused on third-party risk management (TPRM), specifically how security teams can use automation to eliminate manual work and streamline critical TPRM workflows and processes.
Read Post
nucleus

Vulnerability Management Modernization & FedRAMP: Resilient Cyber Podcast

Jun 5, 2024 By Kevin Swartz In Nucleus
Ever wonder how Nucleus got started? Curious to know what our CEO and co-founder Steve Carter is working on? You’re in luck. Steve joined host Chris Hughes on the Cyber Resilience podcast to talk about those topics and more. Additionally, Steve and Chris explored the process for earning FedRAMP authorization, some of the particular vulnerability management challenges government agencies are dealing with, and why risk-based vulnerability management resonates with the government community.
Read Post
foresiet

Enterprise Risk Management Failures: Insights from the Cencora Breach

Jun 4, 2024 By Foresiet In Foresiet
In a significant cybersecurity incident, Cencora, a leading pharmaceutical services provider, experienced a data breach in February 2024, exposing sensitive patient information from 11 major pharmaceutical companies. This breach underscores the critical importance of robust enterprise risk management, vulnerability management, and endpoint security in protecting sensitive data and managing online reputation.
Read Post
bitsight

Race to KEV Remediation: Who Tops the Charts in Europe?

Jun 4, 2024 By Sabrina Pagnotta | Research by Ben Edwards In BitSight
In our global study of the CISA KEV Catalog, we uncovered widespread vulnerabilities and the swift pace at which threats evolve. As we dissect the layers of data from the report, it becomes evident that each country's unique approach to cybersecurity regulation, vulnerability management, and remediation presents distinct challenges and opportunities.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.