Risk Management

SecurityScorecard Analysis of Lapsus$ Threat Group

Mar 31, 2022 By SecurityScorecard In SecurityScorecard

SecurityScorecard’s CISO Mike Wilkes and Threat Researcher Ryan Slaney discuss their latest insights on the Lapsus$ threat group, the recent Okta breach, and what CISOs should do to protect their organizations. SecurityScorecard is the global leader in cybersecurity ratings and the only service with over 12 million companies continuously rated. The company is headquartered in New York and operates in 64 countries around the globe.

View Video

SecurityScorecard

Read more about SecurityScorecard Analysis of Lapsus$ Threat Group

Things to Remember While Scaling Your Business

Mar 30, 2022 By SecurityScorecard In SecurityScorecard

Here are 2 things that helped us successfully scale SecurityScorecard: Having a customer-first mentality: You need to understand your customers deeply. You need to adopt Amazon’s empty-chair approach where the most important voice is the customers’ voice, not the CEOs’. Beginning with the right foundation: Here’s what most companies get wrong: When they start up and have 10-20 people, they focus on their customers.

View Video

SecurityScorecard

Read more about Things to Remember While Scaling Your Business

How to Meet Third-party Risk Requirements in NIST 800-53

Mar 30, 2022 By Edward Kost In UpGuard

The National Institute of Standards and Technology (NIST) has responded to the increased prevalence of third-party risks by specifying industry standards for securing the supply chain attack surface - the attack surface most vulnerable to third-party risks.

Read Post

UpGuard

Read more about How to Meet Third-party Risk Requirements in NIST 800-53

Cybersecurity Risk Management: Introduction to Security Analytics

Mar 29, 2022 By Graylog Security Team In Graylog

It’s mid-morning. You’re scanning the daily news while enjoying a coffee break. You come across yet another headline broadcasting a supply chain data breach. Your heart skips a quick, almost undetectable, beat. You have the technology in the headline in your stack. You set aside your coffee and begin furiously scanning through the overwhelming number of alerts triggered across all your technologies.

Read Post

Graylog

Read more about Cybersecurity Risk Management: Introduction to Security Analytics

Driving Business Results with a Strategic Approach to Risk - and with ZenRisk

Mar 29, 2022 By RiskOptics In RiskOptics

Every business activity involves risk, so simply viewing and measuring risk at a high level isn’t enough. InfoSec teams also need to identify and categorize risks as they relate to individual business activities and the context around them. Managing risk is all about delivering insights so that key stakeholders – including executives and the board – can better understand their IT risk posture and use that knowledge to make better business decisions. But where to start?

Read Post

RiskOptics

Read more about Driving Business Results with a Strategic Approach to Risk - and with ZenRisk

Working with At-Risk Businesses: How It Can Dismantle Your Zero Trust Strategy

Mar 28, 2022 By SecurityScorecard In SecurityScorecard

Nowadays, building a zero-trust network has become a standard protocol in the era of evolving business models, multiple workforce platforms, cloud adoption, and increased device connectivity. But, if a business continues to work with at-risk organizations, the zero-trust policy crumbles. Working with well-secured third parties that uphold a zero-trust strategy is crucial for optimal cybersecurity within any business.

Read Post

SecurityScorecard

Read more about Working with At-Risk Businesses: How It Can Dismantle Your Zero Trust Strategy

Operationalize Risk and Compliance with the Reciprocity ROAR Platform

Mar 28, 2022 By RiskOptics In RiskOptics

The team at Reciprocity recently conducted a live poll and asked our audience, “Are you currently using your compliance program to guide your risk management program?” Here’s what our respondents said...

Read Post

RiskOptics

Read more about Operationalize Risk and Compliance with the Reciprocity ROAR Platform

How to Mitigate Risks in Software Supply Chain Security

Mar 24, 2022 By Snyk In Snyk

In this session, Mic McCully and Jake Williams explore the software supply chain as an attack vector – by identifying risks and mitigation strategies throughout the software development processes and environment. Watch this to learn how you can meet new requirements and protect your software from these attacks. Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.

View Video

Snyk

Read more about How to Mitigate Risks in Software Supply Chain Security

Move aside, Conti, Lapsus$ coming through!

Mar 24, 2022 By SecurityScorecard In SecurityScorecard

-In the hours after news broke that Lapsus$ claimed to have breached Okta, an enterprise identity and access management firm, SecurityScorecard’s Threat Research and Intelligence team conducted a rapid investigation into Lapsus$ to provide customers and partners with the very latest in actionable security intelligence and insights related to this emerging cybercrime group. -Lapsus$’s targets have quickly evolved from Brazilian and Portuguese organizations to high-profile U.S.

Read Post

SecurityScorecard

Read more about Move aside, Conti, Lapsus$ coming through!

SEC's Proposed Disclosure Amendments: Are You Impacted?

Mar 24, 2022 By Edward Kost In UpGuard

On March 9, 2022, the Securities and Exchange Commission (SEC) announced proposed rules and amendments to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting. These proposed amendments impact all public companies subject to the reporting requirements of the Security Exchange Act of 1934. To summarize this proposal and learn how to successfully prepare for them, read on.

Read Post