Risk Management

The Future of Cybersecurity: Insights and Predictions for 2025

Jan 8, 2025 By Notis Iliopoulos In Obrela

2024 marked a transformative shift in cybersecurity with AI and data driven cyber security leading the change. As the threat landscape evolves, the stage is set for further advancements in continuous risk management, threat monitoring, resilience, and governance in 2025, shaping a more secure and dynamic digital landscape where cybersecurity is becoming a catalyst for business success and compliance.

Read Post

Obrela

Read more about The Future of Cybersecurity: Insights and Predictions for 2025

Nucleus Security's Year-End Panel on Risk-Based Vulnerability Management

Dec 20, 2024 By Nucleus In Nucleus

In this Nucleus webinar, our panel of cybersecurity experts delves into the complexities and best practices for Risk-Based Vulnerability Management (RBVM) in modern organizations. Led by co-founder Scott Kuffer, the discussion covers the evolution of RBVM, the importance of a unified data approach, the role of automated tools, and effective metrics for vulnerability management. Insights from Cecil Pineda, Gregg Martin, and Steve Carter provide a comprehensive look at strategies for mitigating risks and improving security posture through enhanced vulnerability management processes into 2025.

View Video

Nucleus

Read more about Nucleus Security's Year-End Panel on Risk-Based Vulnerability Management

Continuous Risk Assessment: The Connecting Thread in CTEM

Dec 19, 2024 By Amit Sheps In IONIX

In Continuous Threat Exposure Management (CTEM), risk assessment acts as the central thread that ties all components together, turning raw threat intelligence, vulnerability detection, and external attack surface monitoring into actionable mitigation strategies.

Read Post

IONIX

Read more about Continuous Risk Assessment: The Connecting Thread in CTEM

DPDP, India's Privacy Law

Dec 19, 2024 By Anirban Banerjee In Riscosity

India's Digital Personal Data Protection (DPDP) law, enacted in 2023, represents a pivotal step in safeguarding personal data privacy while fostering accountability among entities handling such data. As businesses grapple with its requirements, understanding its core mandates, applicability, timeline, and implications is critical for compliance and operational efficiency.

Read Post

Riscosity

Read more about DPDP, India's Privacy Law

Day in the Life of a CISO: A Vendor Breach: Assessing Our Exposure

Dec 19, 2024 By SecurityScorecard In SecurityScorecard

It’s 10:47 PM, and I’m halfway through binge-watching the latest must-see series when my phone buzzes. A notification from SecurityScorecard has my attention instantly: one of our critical vendors has just reported a breach. I hit pause, grab my laptop, and dive straight in. As much as I’d love to ignore it for a few hours, cyber risks don’t come with snooze buttons. Before panic sets in, I’m logging into the SecurityScorecard platform.

Read Post

SecurityScorecard

Read more about Day in the Life of a CISO: A Vendor Breach: Assessing Our Exposure

Get a unified approach towards Compliance with NIS2 and DORA

Dec 18, 2024 By Notis Iliopoulos In Obrela

In the cyber security domain, the increase of cyber-attacks alongside the acceleration of businesses’ digital transformation, drive states to deploy a more ringent regulatory framework to protect data and establish a code of conduct for businesses. In this perspective, it is essential to view compliance as an integral component of the wider governance framework, which is grounded in international standards of an interconnected world that makes best use of already tested best practices.

Read Post

Obrela

Read more about Get a unified approach towards Compliance with NIS2 and DORA

The Aftermath of the Kaspersky Ban

Dec 18, 2024 By Pedro Umbelino In BitSight

In the spring of 2024, amid growing international concern about supply chain risk and the trust and reliability of technology suppliers, the United States banned Kaspersky Lab, Inc., the Russia-based antivirus company from providing its products to the US market. The ban went into effect on September 30, 2024. What impact has the ban had on US and global usage of Kaspersky? Has it been effective? A new analysis from Bitsight contains some surprising results.

Read Post

BitSight

Read more about The Aftermath of the Kaspersky Ban

Enhancing Corporate Governance in the Digital Age: Integrating Cybersecurity into ESG Stewardship

Dec 18, 2024 By Nicole Matusek In BitSight

In an era where digital resilience is vital to corporate health, cybersecurity is a critical governance issue. The partnership between Bitsight and Glass Lewis underscores this reality by providing companies with a forward-thinking approach to assessing cybersecurity as part of Environmental, Social, and Governance (ESG) considerations.

Read Post

BitSight

Read more about Enhancing Corporate Governance in the Digital Age: Integrating Cybersecurity into ESG Stewardship

LLMs - The what, why and how

Dec 18, 2024 By Anirban Banerjee In Riscosity

LLMs are based on neural network architectures, with transformers being the dominant framework. Introduced in 2017, transformers use mechanisms called attention mechanisms to understand the relationships between words or tokens in text, making them highly effective at understanding and generating coherent language. Practical Example: GPT (Generative Pre-trained Transformer) models like GPT-4 are structured with billions of parameters that determine how the model processes and generates language.

Read Post

Riscosity

Read more about LLMs - The what, why and how

Discover Every Identity to Manage Cybersecurity Risk Effectively

Dec 18, 2024 By Lilach Faerman Koren In CyberArk

Next time you’re outside on a clear night, look up at the stars and start counting. Chances are you’ll lose track, skip over some or completely forget where you started—there are just so many. Now imagine that vast sky is your enterprise, and each sparkling dot represents an identity (or account). Can you find them all—let alone secure them? If you’re like most organizations out there, the answer is no.

Read Post