Risk Management

Examining the Concentration of Cyber Risk: How supply chains and global economies can adapt

May 2, 2024 By SecurityScorecard In SecurityScorecard

Company mergers, the consolidation of cloud technologies, and the interconnected nature of digital business have all led to a more efficient, fast-paced digital economy. But these advantages have also ushered in a higher degree of cyber risk concentration that stands to threaten national security and global economies.

Read Post

SecurityScorecard

Read more about Examining the Concentration of Cyber Risk: How supply chains and global economies can adapt

Snyk AppRisk Pro: A holistic approach to application risk management

May 1, 2024 By Daniel Berman In Snyk

Snyk AppRisk Pro ships with a range of innovative, ecosystem-driven capabilities alongside new analytics tools, providing comprehensive application risk management with Snyk.

Read Post

Snyk

Read more about Snyk AppRisk Pro: A holistic approach to application risk management

Slicing through CISA's KEV Catalog

May 1, 2024 By Ben Edwards In BitSight

KEV! KEV! KEV! No, you aren’t standing outside a frat house while some college kids encourage their buddy Kevin to finish his beverage. Rather, it’s the sound of people extolling the virtues of the Cybersecurity and Infrastructure Security Agency’s (CISA) Known Exploited Vulnerabilities(KEV) Catalog.

Read Post

BitSight

Read more about Slicing through CISA's KEV Catalog

Proactive Measures to Prevent Data Theft

May 1, 2024 By SecurityScorecard In SecurityScorecard

As the world becomes more and more digitally intertwined, the significance of data security cannot be overstated. Data theft, a critical threat to organizations worldwide, poses severe challenges, jeopardizing both reputational integrity and financial health. This blog post aims to dissect the concept of data theft, understand its impacts on organizations, and outline proactive measures to safeguard against such threats.

Read Post

SecurityScorecard

Read more about Proactive Measures to Prevent Data Theft

The Cybersecurity of the S&P 500: An in-depth analysis from SecurityScorecard

May 1, 2024 By SecurityScorecard In SecurityScorecard

In fall 2023, the U.S. Securities and Exchange Commission (SEC) adopted landmark cybersecurity regulations, requiring public companies to disclose “material” cybersecurity incidents within four days. Prior to this, there were very few breach reporting requirements, leaving business leaders, government officials, policymakers, and investors without key information on cybersecurity incidents.

Read Post

SecurityScorecard

Read more about The Cybersecurity of the S&P 500: An in-depth analysis from SecurityScorecard

Data Localization: Definition, Benefits and Challenges

Apr 30, 2024 By Charrah Hardamon In Riscosity

With the increase in privacy regulations, data localization is a rapidly growing concern for companies. With the right strategies and tools in place, companies can ensure their data remains secure and compliant with privacy laws while also benefiting from its localization. In this blog, we’ll explore what data localization is, the benefits and challenges, and how using the right set of tools can help.

Read Post

Riscosity

Read more about Data Localization: Definition, Benefits and Challenges

Enabling More Precise Evaluation of Email Security with DMARC

Apr 30, 2024 By Mónica Vale In BitSight

Email is a well-known and widely used attack vector for malware distribution, phishing, and many other types of threats. For this reason, we evaluate certain email security practices as part of the Diligence category of risk vectors used to calculate Bitsight Security Ratings. On April 30, 2024, we added a new email security evaluation focused on the use of Domain-based Message Authentication, Reporting, and Conformance (DMARC) records.

Read Post

BitSight

Read more about Enabling More Precise Evaluation of Email Security with DMARC

Keeper Webinar: Building a Robust Governance, Risk & Compliance Framework: Challenges & Solutions

Apr 30, 2024 By Keeper In Keeper

IT Compliance doesn't have to be chaotic. Join Teresa Rothaar, Keeper Security's Governance Risk & Compliance Senior Analyst, in this webinar for ActualTech Media on the challenges and solutions to build a robust GRC framework. Keeper helps every organization get full visibility and control over employee password strength, credential sharing, permissions, zero-trust network access and dark web exposure, strengthening auditing and compliance for HIPAA, PCI DSS, SOX, GDPR, CCPA and more.

View Video

Keeper

Read more about Keeper Webinar: Building a Robust Governance, Risk & Compliance Framework: Challenges & Solutions

Identity risk management: What is it and how can you achieve it?

Apr 30, 2024 By Ted Ernst In One Identity

Risk. It’s more than just an infuriating board game from your childhood. And when identity risk is involved in your cybersecurity landscape – and it will be involved, since identity is one of the most easily accessible and most frequently attacked facets of your IT environment – the potential consequences of its compromise extend well beyond losing control of a fantasy continent on a game board.

Read Post

One Identity

Read more about Identity risk management: What is it and how can you achieve it?

NIS2 Compliance Checklist (Free)

Apr 29, 2024 By Leah Sadoian In UpGuard

In January 2023, the European Commission (EC) released an updated version of the European Union (EU) Network and Information Security Directive (NIS2) to strengthen cybersecurity risk management across Europe’s essential services. NIS2 updates the original NIS directive and focuses more on regulations for cloud infrastructure, internet exchanges, domain service providers, and digital service providers.

Read Post