Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

upguard

Top 10 Security Events of 2025

Dec 17, 2025 By Revashni Moodley In UpGuard
If 2025 has taught us anything, it’s that risk is no longer confined to the edges of your network. The traditional security perimeter has dissolved, with risk creeping into the very tools we use to run our businesses. Organizations faced off against catastrophic configuration errors, the weaponization of third-party trust connections, Multi-Factor Authentication (MFA) failures, and attackers who clearly love the holidays.
Read Post

SecurityScorecard CISO Steve Cobb as Cyber Santa's 2025 Naughty and List 2025

Dec 17, 2025 By SecurityScorecard In SecurityScorecard
AI dominated headlines this year and threat actor groups made bold moves in 2025. From threat actors like Imperial Kitten and scammers using tools like Sora AI to mimc real human voices to Congressional action on the PILLAR act and a $50 billion rural healthcare investment from the U.S. government, there are a lot of moments this year that make up Cyber Santa's Naughty and Nice List for 2025.
View Video

Risk Acceptance vs Risk Exposure: Making Smarter Security Investments

Dec 17, 2025 By Reach Security In Reach Security
Before investing in new security tools, it’s critical to understand what your current stack is actually delivering. Barmak Meftah spoke about the importance of baselining existing investments to truly grasp risk acceptance versus real risk exposure. Without that foundation, new acquisitions lack context and are often driven by trends rather than necessity. Smarter decisions come from understanding:︎ What is already deployed︎ How it is configured︎ Where exposure persists.
View Video
Compliance Requirements That Make Cybersecurity Training Essential

Compliance Requirements That Make Cybersecurity Training Essential

Dec 17, 2025 By SecuritySenses In SecuritySenses
Cybersecurity threats continue to evolve, but one constant remains: human error is still one of the leading causes of data breaches. As a result, cybersecurity training has become more than a best practice-it is increasingly a requirement driven by regulations, insurance providers, and industry standards. Organizations that fail to properly train employees not only expose themselves to cyber risk but may also fall out of compliance with critical legal and contractual obligations.
Read Post

The Author's Take: The Past, Present, & Future of Third Party (Cyber) Risk Management

Dec 16, 2025 By SecurityScorecard In SecurityScorecard
“It is also a common trap of giving inexperienced customers a false sense of security…”~Navigating Supply Chain Cyber Risk TPRM processes today are filled with thousands of pages of questionnaires, assessments, and more, but does that status quo really help secure your vendor ecosystem? Join Aleksandr Yampolskiy (CEO & Co-Founder, SecurityScorecard) and Alex Golbin (Co-Author, Navigating Supply Chain Cyber Risk) as they chat about.
View Video
bitsight

Practitioner Insight: 4 Best Practices for Supply Chain Risk Resilience in Finance

Dec 16, 2025 By Greg Keshian In BitSight
Like any other global industry, financial services companies face tremendous challenges of scale and complexity when it comes to managing cyber risk across their digital supply chain. The financial services supply chain is composed of more than 1.6M third-party relationships across the industry ecosystem.
Read Post
Arctic Wolf

How To Reduce Risk This Holiday Season

Dec 16, 2025 By Adam Marrè In Arctic Wolf
The holiday season is traditionally a period of goodwill, gift giving, and time with loved ones, but if you are responsible for your enterprise’s cyber defenses it’s also a time when you should have a heightened awareness of cyber risk. Cybercriminals often treat this time of year as a prime opportunity to exploit the unprepared and unwary.
Read Post
kovrr

Finding the Best AI Governance Software for Enterprises

Dec 16, 2025 By Kovrr In Kovrr
‍ ‍AI governance software provides GRC leaders and security and risk managers (SRMs) with a dependable way to understand how AI is being used across the business and whether safeguards are functioning as intended. The software can translate a complex ecosystem of tools and models into concrete insights that stakeholders can evaluate.
Read Post
What Is a Prop Firm and How Technology Ensures Secure Trading

What Is a Prop Firm and How Technology Ensures Secure Trading

Dec 16, 2025 By SecuritySenses In SecuritySenses
In today's fast-paced financial markets, professional trading has evolved significantly, thanks to the rise of proprietary trading firms, commonly known as prop firms. These firms provide traders with the capital and resources necessary to trade financial instruments without risking their own money. But beyond the financial mechanics, technology plays a critical role in ensuring that trading within prop firms is secure, efficient, and transparent. This article explores what is a prop firm and the technological safeguards that protect both traders and firms in the digital era.
Read Post
nucleus

Kenna Lit the Spark on the Exposure Management Fire and It's Time for the Next Generation

Dec 15, 2025 By Steve Carter In Nucleus
When Kenna launched more than a decade ago, it reshaped an industry that had grown numb to vulnerability overload. Back then, vulnerability management meant looking at mountains of CSV files, scanner reports, and a never-ending backlog of unprioritized issues. Kenna introduced the idea that risk instead of raw counts should determine what gets fixed first. For many security teams, it was the first time they realized they didn’t have a vulnerability problem.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.