
How Companies Can Protect Against Third-Party Risk in 2026

As organizations move deeper into cloud ecosystems, automation, AI integrations, and global supply chains, one truth becomes increasingly clear: In 2026, third-party risk is not just an IT concern. It is a business continuity concern, a regulatory concern, and in many industries, a board-level concern. From software vendors and cloud providers to managed services, payment processors, contractors, and niche business tools, every external connection introduces potential exposure.

Trust in the age of AI for fintech auditors

There is an old saying: Trust, but verify. For Third-Party Risk Management auditors in regulated financial institutions, that principle has never been more relevant. Vendor questionnaires, SOC 2 reports, and annual reassessments are no longer enough. Regulators are moving beyond paper-based oversight and toward operational proof. The new expectation is clear: Show where customer data is actually flowing. Prove that you control it.

Human Risk Management and Security Awareness Training

A notable statistic continues to shape the cybersecurity research landscape: the human element remains involved in roughly 60% of all confirmed breaches. That’s according to the 2025 Verizon Data Breach Investigations Report (DBIR), which found that social engineering actions like phishing, pretexting, and credential misuse are consistently intertwined with today’s most common attack paths, even when they are not the first visible technical vector.

How Health Risk Assessments Drive Preventive Care and Lower Long-Term Costs?

Health Risk Assessments are increasingly used to support preventive care planning and population health management across healthcare systems. According to the CDC, chronic and mental health conditions account for the majority of U.S. healthcare spending, which exceeds $4 trillion annually. These assessments help identify risks earlier, when interventions are typically more effective and less resource-intensive.

Vendor Risk Response: What Happens After a Vendor Risk Is Identified?

In today's interconnected business environment, the relationship between organizations and their third-party vendors is crucial. However, it also introduces a range of risks. Vendor risk refers to the potential vulnerabilities or threats that arise from working with external suppliers, service providers, or partners. These risks can manifest in various forms, including data breaches, financial instability, operational disruptions, or non-compliance with regulations. Once a vendor risk is identified, it's essential to understand the steps that need to be taken to manage and mitigate that risk effectively.

What is OpenClaw and Agentic AI? The Security Issues You Need to Be Aware of Now

Over the past several weeks, OpenClaw and Moltbook have exploded across the headlines. Outlets have published stories about AI agents organizing themselves or even acting independently on Moltbook. SecurityScorecard’s Jeremy Turner, VP of Threat Intelligence & Research, and Anne Griffin, Head of AI Product Strategy, discuss what OpenClaw is, how agentic AI works, and where the real security issues are, based on new research from SecurityScorecard's STRIKE Threat Intelligence team.

The best risk management software for 2026

For many organizations, risk management is still stuck in the past—reliant on spreadsheets, manual reviews, and static registers that go stale shortly after they’re created. Without clear ownership or automation, treatment plans linger, and accountability slips. Risks remain fragmented across departments, disconnected from business impact and board visibility. At the same time, emerging threats are evolving faster than ever.

A Match Made in Heaven: How Valentine's Day Fuels Seasonal Phishing Attacks

Valentine’s Day runs on emotion. Surprise, urgency, curiosity, trust, love. For threat actors, that combination is hard to beat. Every year in mid-February, security teams see the same pattern. Phishing campaigns pick up. Brand impersonation increases. Fraud attempts follow close behind. It is not because attackers suddenly developed new techniques.

CISA BOD 26-02 and the Next Phase of Vulnerability Management

CISA recently published BOD 26-02, the latest Binding Operational Directive shaping how federal agencies manage cyber risk. While attention often gravitates toward highly visible directives like KEV, this one matters for a different reason: it raises the standard for how lifecycle risk must be tracked and sustained over time. BOD 26-02 is described as guidance on unsupported edge devices, which is accurate but incomplete.