%term

Mastering Cybersecurity in Today's World

Oct 17, 2023 By SecurityScorecard In SecurityScorecard

In a world where AI is everywhere, cybersecurity regulations are on the rise, and cyber insurance is booming, we need standardized metrics for cybersecurity. Remember, you can’t manage what you can’t measure. A recent report by SecurityScorecard and the Cyentia Institute discovered a startling fact: 98% of organizations have a third party with a breach in the last two years. In cybersecurity, metrics matter; knowing how to communicate and report on metrics is essential.

Read Post

SecurityScorecard

Read more about Mastering Cybersecurity in Today's World

CISA KEV Ransomware Interactive Visualization

Oct 17, 2023 By Scott Kuffer In Nucleus

When we first built the CISA KEV enrichment dashboard at Nucleus, our goal was to gain new insights into the vulnerabilities that had been confirmed by CISA as being exploited. Recently, CISA expanded the Known Exploited Vulnerabilities Catalog with vulnerabilities “known to be used in ransomware campaigns”. We find this data valuable in helping organizations identify which vulnerabilities on the KEV pose greater risk.

Read Post

Nucleus

Read more about CISA KEV Ransomware Interactive Visualization

What Is Security Posture?

Oct 16, 2023 By SecuritySenses In SecuritySenses

In the ever-evolving digital landscape, an organization's security posture stands as a sentinel, guarding against cyber threats and vulnerabilities. But what exactly is a security posture, and why is it crucial for businesses today? This article delves deep into the heart of this matter, unraveling the concept and exploring the essential components that constitute a robust security posture.

Read Post

SecuritySenses

Read more about What Is Security Posture?

Your Sender Policy Framework (SPF) Risk Exposure

Oct 16, 2023 By Caitlin Postal In UpGuard

The Sender Policy Framework (SPF) is an email authentication protocol that specifies email authorization through Domain Name System (DNS) records. When an email is sent through the Simple Mail Transfer Protocol (SMTP), there is no requirement for authorized messages, which means that spammers can forge your domain in their phishing attacks.

Read Post

UpGuard

Read more about Your Sender Policy Framework (SPF) Risk Exposure

10 Frequently Asked Supplier Risk Management Questions

Oct 16, 2023 By Sabrina Pagnotta In BitSight

Supply chain attacks are increasing. According to KPMG, 73 percent of organizations have experienced at least one significant disruption from a third-party in the last three years. These findings underscore the imperative of implementing a supply chain risk management program. But as your vendor portfolio grows, assessing your vendors for cyber risk can seem daunting and raises many questions.

Read Post

BitSight

Read more about 10 Frequently Asked Supplier Risk Management Questions

What is Threat Exposure Management?

Oct 16, 2023 By SecurityScorecard In SecurityScorecard

Staying ahead of cyberattacks and strengthening your organization’s defenses doesn’t happen overnight and can be hard to accomplish without the right tools and cyber strategies. SecurityScorecard’s Threat Intelligence team hosted a webinar that highlights the importance of threat exposure management, its latest trends, and how to implement this framework into an organization’s cybersecurity plan.

Read Post

SecurityScorecard

Read more about What is Threat Exposure Management?

How a Database Risk Assessment Reduces the Risk of a Cyberattack

Oct 13, 2023 By Trustwave In Trustwave

Database security often, and to an organization's detriment, falls between the cracks as security and IT teams scramble to stay on top of daily cyber hygiene tasks and deal with the never-ending problems of running their network. The danger of overlooking their database, or to put it in, say, banking terms – the vault – is this is likely a threat actor's primary target. An organization's database is where IP, credentials, and financial information are stored.

Read Post

Trustwave

Read more about How a Database Risk Assessment Reduces the Risk of a Cyberattack

Understanding Insurance Risk

Oct 13, 2023 By Razorthorn In Razorthorn

Insurance is essentially a sophisticated game of chance, where insurers evaluate the balance between the payouts they might need to make during the coverage period and the premiums they can charge. This delicate equilibrium hinges on risk assessment. When it comes to insuring against specific perils like fire, insurance companies send experts to scrutinize the safety measures in place. If your risk profile resembles a scene with candles, a furnace, and someone pouring gasoline, don't expect fire insurance because the risk here is simply too high.

View Video

Razorthorn

Read more about Understanding Insurance Risk

BlueVoyant Comprehensive Supply Chain Defense

Oct 13, 2023 By BlueVoyant In BlueVoyant

Discover BlueVoyant's comprehensive, highly configurable third-party cyber risk management.

View Video

BlueVoyant

Read more about BlueVoyant Comprehensive Supply Chain Defense

Why a robust risk management and cyber resiliency plan is an absolute necessity

Oct 12, 2023 By Simon Church In Xalient

As we are in the midst of Cybersecurity Awareness Month, and in the lead-up to our own Secure Connected Future Summit which we are hosting in November, I feel that a lot of the focus when it comes to cybersecurity still tends to be on prevention tactics. However, I would argue that it is not just about having the right defensive cybersecurity tools in place, but it is also about understanding how the organisation will recover from an incident – how quickly and at what cost to the business.

Read Post