Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Risk Management

Jira Integration Demo with UpGuard's Product Marketing Manager, Annie Luu

Hear from UpGuard's Product Marketing Manager, Annie Luu, as she introduces you to UpGuard's new Jira Integration feature. UpGuard's Jira integration plugs directly into your workflow management, giving you the flexibility to present only the information you want to the relevant people to address security risks promptly. =========== CHAPTERS:=========== Interested in finding out more about UpGuard?

How to Use Cyber Assurance Programs to Manage Risk Based on Business Outcomes

If you’ve been following any of our recent webinars or in-person presentations, you’ve heard us talk a lot about shifting the mindset from a focus on compliance to a risk-first approach. We’ve discussed that the best way to do this is to align your risk management program to specific outcomes, where compliance becomes a subset of your risk management program. But what does that mean specifically? And what are some examples of how this can be done?

CISO Insights: The Power of Risk Intelligence

In today’s digitally-connected world, cyber risk is no longer a matter of probabilities, but certainties. This requires CISOs to rethink their reactive risk management program by evolving to embrace a proactive risk intelligence approach. With a risk intelligence-informed program, CISOs and their teams can continuously collect insights in a way that enables proactive, holistic, and data-driven decisions about security.

Creating a Vendor Risk Management Framework

Global third-party suppliers have become an essential resource for many companies, providing crucial strategic and competitive support. Outsourcing, however, is not without its dangers. As dependency on third parties grows, so do the chances of supply chain, compliance, or reputation risks that hit your organization through those third parties. Your management team will need to address those risks somehow.

Security Ratings Recognized in NIST Cyber Supply Chain Risk Management Update

On May 5, 2022, the National Institutes of Standards and Technology (NIST) formally recognized outside-in third party security ratings and vendor risk assessment in their update to Special Publication 800-161. This update to federal standards specifically cites security ratings as a “foundational capability that "provide 14028." NIST SP 800-161 was designed to standardize supply chain risk management best practices for federal agencies and industry.

5 Historic Third Party Breaches

Third-party data breaches are one of the most concerning issues in cybersecurity today. You need your third parties to do business, but you can’t always trust (or verify) that their cybersecurity controls are as strong as they say, no matter how many questionnaires you send out. And of course, cybercriminals know that by hitting vendors rather than every single company separately, they can get the most ill-gotten gains for their effort.

Monitoring Data Risks & Investigating Threats Faster With the Rubrik Data Observability Engine

Why is it that the most impressive technologies are often the ones that go unnoticed? Sometimes what makes technology impressive is precisely that it goes unnoticed, and that is the case with the Rubrik Data Observability engine. As ransomware continues to grow as a real, costly, and persistent threat to conducting business, organizations are looking for smarter and faster ways to keep data safe and recover easily in the face of cyber attacks.

Third-Party Risk Management Regulations: What You Should Know

Without a doubt, partnering with third parties has many advantages, including boosting the functionalities and performance of an organization. But despite the benefits, third parties also introduce a host of risks to an organization, potentially disrupting operations, affecting financial standing, and harming reputation. An understanding of third-party risk management regulations is essential in order to protect your organization from a security breach and maintain a positive security posture.