Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Risk Management

Managing Third-Party Cyber Risk in Financial Services

Jul 4, 2024 By UpGuard In UpGuard
In today's interconnected financial landscape, businesses face increasing risks from third-party vendors, making effective cyber risk management essential. Significant data breach costs and stringent regulatory requirements place further burden on this sector. In response, UpGuard offers a Vendor Risk Management solution to help institutions manage these risks and maintain compliance. Learn more at upguard.com/fsi.
View Video
bitsight

NIS2 Compliance: How to Identify and Evaluate Critical Suppliers

Jul 3, 2024 By Francisco Fonseca In BitSight
As the NIS2 Directive reshapes the cybersecurity landscape across Europe, a key focus for organisations is understanding and managing their critical suppliers. The directive mandates heightened scrutiny and tighter controls around these essential entities, underscoring their importance in your overall cybersecurity strategy. But the pivotal question remains: How do you determine who qualifies as a 'critical supplier'?
Read Post
jumpcloud

Your Cybersecurity Risk Is Higher on July 4

Jul 3, 2024 By Kate Lake In JumpCloud
While the Fourth of July is typically considered a day of celebration for those in the U.S., many don’t realize it’s also a period of heightened risk. In fact, this isn’t unique to the Fourth of July: holidays often see an uptick in cybersecurity threats. With the Fourth of July nearly upon us, let’s examine why this happens and how you can protect yourself and your business.
Read Post
kovrr

Likely Disclosure Inconsistencies With Massive Snowflake Data Breach

Jul 2, 2024 By Kovrr In Kovrr
‍After unearthing evidence as early as May 2024, cloud computing–company Snowflake released an official statement on June 2, reporting that they were investigating a series of targeted cyber events. A week later, Google's Mandiant, who, alongside Crowdstrike, is aiding Snowflake in this investigation, concluded that clients had been attacked after malicious actors had gotten access to compromised credentials.
Read Post
sysdig

Want Your Third Parties To Take Security Seriously?

Jul 2, 2024 By Crystal Morin In Sysdig
In the last decade, outsourcing to third parties–especially in the gig economy–has taken over key functions that enterprises used to handle internally. Today’s companies are frequently virtual–using third-party services that span the likes of application development, back-office corporate functions, contract manufacturing and research, marketing, and core IT services.
Read Post
upguard

G2 Names UpGuard #1 TPRM Software - Summer 2024

Jul 2, 2024 By Kaushik Sen In UpGuard
We are delighted to announce that UpGuard has once again been recognized as the Leader in Third-Party and Supplier Risk Management Software by G2. The publication of G2's Summer 2024 report marks eight consecutive quarters were UpGuard was named a Category Leader. Established in 2012, G2 is a trusted resource for software reviews and customer feedback. It guides over 90 million users, including employees from all Fortune 500 companies, in making informed software choices.
Read Post
upguard

Third-Party Risk Management Dashboard: How to Design One

Jun 28, 2024 By Nicholas Sollitto In UpGuard
In today's interconnected business landscape, Third-Party Risk Management (TPRM), sometimes called vendor risk management (VRM), is a critical cybersecurity strategy for organizations aiming to safeguard their operations and reputation. With most companies increasing their reliance on external vendors and service providers, managing and mitigating risks associated with these third-party relationships is paramount.
Read Post
upguard

How CPG 235 is Shaping Data Security Standards in Finance

Jun 28, 2024 By Leah Sadoian In UpGuard
In 2013, the Australian Prudential Regulation Authority (APRA) introduced Prudential Practice Guide CPG 235, a comprehensive framework designed to enhance data risk management across the finance sector. This guide provides financial institutions with principles and best practices to safeguard data integrity, confidentiality, and availability. This blog explores CPG 235, its key components, compliance requirements, and how implementing the framework can enhance data security standards at your organization.
Read Post
upguard

Boost Your Cybersecurity with DevSecOps

Jun 28, 2024 By Leah Sadoian In UpGuard
As cyber threats increase in complexity and frequency, traditional security methods often fall short of safeguarding sensitive data and vital systems. DevSecOps offers a groundbreaking approach by incorporating security practices into all stages of the software development lifecycle (SDLC). By uniting development, security, and operations, DevSecOps ensures that security is a collective responsibility, promoting a culture of collaboration and ongoing enhancement.
Read Post

Building a Human-Centric Vulnerability Management Program

Jun 27, 2024 By Nucleus In Nucleus
Steve Carter, CEO and co-founder of Nucleus Security, and Dr. Nikki Robinson, Security Architect at IBM, discuss the importance of the people side of vulnerability management. They explore challenges such as context switching, long mean time to remediation, and the impact of communication on vulnerability management programs. The conversation includes practical advice on incorporating human factors into cybersecurity practices, how to improve communication and collaboration among teams, and why understanding human factors is crucial for effective vulnerability management.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.