Acknowledging the invaluable role of spreadsheets in managing Governance, Risk, and Compliance (GRC) tasks over the years is like tipping our hats to a steadfast companion. These trusty tools have been the go-to for many organizations, embedded so deeply that a 2020 Forrester Research study revealed that 82 percent still rely on spreadsheets for handling third-party risk. And undeniably, they’ve served their purpose to a certain point.

For many organizations, the transition to the cloud for data storage is inevitable. Whether shifting operations entirely to a cloud environment or modernizing your systems using cloud-based applications, you must choose the best cloud computing platform with the best cloud security for your compliance program.

During my first few years as a CISO at Avid Technology, I was able to install a robust cybersecurity program. (Avid is a software provider that equips digital content creators with innovative tools.) With the help of my security team, Avid had become more mature in their control measures. This maturity meant we were better armed to address cyber vulnerabilities. ‍ Unfortunately, on top of my regular duties, I also had to face an even greater challenge.

The Service Location Protocol (SLP), as defined in the RFCs, is vulnerable to abuse allowing attackers to use it as a powerful reflective denial-of-service amplification vector. Earlier this year, Bitsight and Curesec published a joint research regarding this flaw tracked as CVE-2023-29552, which details the issue as well as its global impact and exposure.

The automotive industry stands at the crossroads of innovation and vulnerability. As cars become increasingly connected, with advanced systems and features that rely on intricate software, the rise of automotive hacking has become a pressing concern. The convergence of traditional mechanical engineering and cutting-edge software has given rise to a new breed of threats that extend beyond physical security, delving into the digital realm of vehicle control systems.

In today’s complicated, highly interdependent business environment, assuring business security is not just a regulatory requirement. It’s also a vital component of a successful business strategy. Automation becomes crucial in such a world, offering innovative solutions that streamline operations, mitigate risks, enhance overall safety, and provide peace of mind.

Cybersecurity is a critical concern for businesses of all sizes. For small and medium-sized businesses (SMBs), the growing complexity of cyber threats poses a unique challenge. This is where threat intelligence comes in as a game-changer, offering SMBs a way to enhance their cybersecurity measures effectively.

It’s well known by now that cyber attacks and successful breaches have exploded in recent years. Accenture’s latest report on the state of cybersecurity notes that companies experience an average of 270 attacks per year. And Gartner warns that nearly half of organizations worldwide will experience an attack on their digital supply chains.

Supply chain management has become a top priority for businesses due to the increasing use of digital technologies and geopolitical uncertainties, making global supply chains more vulnerable than ever to disruptions. This reality highlights two critical aspects of supply chain management: Supply Chain Risk Management (SCRM) and Supply Chain Security Management (SCSM).

The great Yogi Berra is often quoted as having said "in theory, there is no difference between practice and theory. In practice, there is." Perhaps the same can be said about software licensing agreements. There are often two dimensions to any software license agreement: what’s in the agreement and how the commercial relationship is implemented in practice.