Cyber threats pose a significant risk to organizations due to today's increasingly interconnected digital landscape. To address these challenges and ensure the security and resilience of critical infrastructure and digital services, the European Union introduced the Directive (UE) 2022/2555, commonly known as NIS 2 - which was actually approved on the same day as DORA, both being critical in how the EU is leveraging regulatory compliance and technology to reduce cyber risk.

The Hypertext Transfer Protocol (HTTP) and the Hypertext Transfer Protocol Secure (HTTPS) are data communication protocols for the internet. HTTPS uses encryption algorithms for secure data transfer. Without encrypted communications, information transfer is not protected and sensitive data becomes vulnerable to attackers. This article includes a brief overview of HTTPS, as well as actions you can take to ensure that you have set up HTTPS redirection for your website.

Today you’ll notice our new logo and typography. We’ve introduced a minimalist approach and opened up spacing within the letters to help with legibility and visual continuity. Our mission as a company is to help teams quickly and painlessly meet data security requirements with high confidence. Our goal is to align that mission with our user's entire experience, from day one.

The cloud can be cost-effective, scalable, flexible and – mostly – secure. So, it’s not surprising that 94 percent of enterprises use cloud services, 67 percent of enterprise infrastructure is cloud-based, and 92 percent of businesses have a multi-cloud strategy in place (source). But that doesn’t mean that breaches can’t happen.

In recent years, vendor risk management (VRM) has become a complicated practice as businesses aim to scale and manage potentially hundreds or thousands of vendors. With more vendors, cybersecurity risk is introduced, necessitating software and other digital solutions to adequately manage these vendors. The role of software in vendor risk management products is more important than ever now and moving forward.

Recent events, including the 2020 COVID-19 pandemic, shifts in demand, and labor shortages have shone a spotlight on supply chain resilience – or lack thereof. In response, business leaders recognize that becoming more resilient is a necessity and are looking at strategies for doing so. As a best practice, Gartner recommends that companies diversify their manufacturing networks, utilize regional or local supply chains, add buffer capacity, and more.

Repairing a weakness in your IT environment is always easier than dealing with the consequences of that weakness — like, say, a massive data breach — sometime later. This means your security team must be proficient at finding those weaknesses and assessing your IT environment’s vulnerabilities. Those vulnerabilities can include weak passwords, poor patch management, and lax security training.

Thanks to globalization and rapidly developing technology, enterprise involves more connections than ever before, and more connections means more risk in the supply chain. Supply chain risk extends past those suppliers with whom you’re doing business directly. Beyond your third-party suppliers are their suppliers, and the supply chain continues branching out from there. In today's connected world, organizations must not isolate their supply chain risk management.

Whenever an organization outsources part of its business process to an outside party, it introduces various risks to the primary organization. Third-party risk management refers to how organizations address and mitigate security risks across their entire library of vendors and suppliers. Unfortunately, third-party risk exposure can be difficult to manage and comes with many challenges organizations must address for an effective third-party risk management program.

The concept of ratings has been the accepted standard for making investment decisions. The first commercial credit reporting agency, the Mercantile Agency, was founded in 1841. While this relied on largely subjective methods of evaluation, it wasn’t until the 1960s, when credit reporting became computerized, that the industry consolidated and took off. Since then, credit and financial ratings models have progressed to become objective and trustworthy data points that inform lending decisions.