Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

What Is Third-Party Risk Management (TPRM)?

Your security team has hardened your perimeter. You have MFA enforced, endpoint detection running, and your crown-jewel systems are locked down tight. Then a vendor you onboarded two years ago, a mid-size SaaS tool your procurement team signed off on, gets breached. They had access to your customer data. Now it is your problem. This is the third-party risk problem in one paragraph. And it is why TPRM has moved from a compliance checkbox to a board-level conversation.

Is GRC Cool Again? How Mythos and Frontier AI Models Are Bringing a New Focus to Governance and Risk Management

For the record, I always thought GRC was cool. NIST Framework? Yes please. Vendor risk register? Tell me more! Not everyone shared my enthusiasm for effective and efficient cyber risk reduction. Until now. Suddenly, seemingly overnight, managing the digital supply chain became really, really important. AI governance (a phrase that didn’t even exist a year ago) is now the topic of boardroom discussions. Yes, it will look different and operate in a new way.

Streamlining CMMC Compliance: How Bitsight Empowers the Defense Industrial Base

For organizations within the Defense Industrial Base (DIB), the Cybersecurity Maturity Model Certification (CMMC) 2.0 represents more than a regulatory hurdle. It is becoming a core requirement for doing business with the Department of Defense and for protecting sensitive information across the defense supply chain.

How Security Teams Gain Full Identity Visibility and Reduce Risk

“Falcon Identity Security is essential.” That’s how CrowdStrike customers explain how Falcon Next-Gen Identity Security helps them: understand their full identity attack surface; enforce real-time access decisions based on risk; unify identity + endpoint + SaaS protection in one place; block adversaries before impact. They’ve moved away from fragmented tools and blind spots to a single, unified platform that stops adversaries across the attack chain.

The One Cybersecurity Policy Every Small Business Needs (And Most Don't Have)

Most small business owners have thought about cybersecurity at some point. Maybe after reading a headline about a ransomware attack. Maybe after a coworker clicked a sketchy email. Maybe after their IT company mentioned it in passing. But thinking about cybersecurity and actually having a policy in place are two very different things. Businesses that invest in proper cybersecurity services are far less likely to suffer a costly breach, yet most small businesses are still operating without one critical layer of protection: a formal Acceptable Use Policy.

Back to the Fundamentals: Reflections from the IACIS BCFE Event in Orlando

In today’s cybersecurity landscape, speed is often treated as the ultimate objective. Organizations are racing to adopt AI-driven technologies, automate workflows, reduce response times, and deliver faster outcomes. Digital forensics is no exception. Forensic examiners increasingly rely on tools that automate large parts of the analysis process, helping reduce the time required for complex investigations. But this raises an important question: at what cost?

SecurityScorecard Weekly Brief: The Driftnet Edition on Critical Infrastructure - Gilad F. Maizles

In this week’s Weekly Brief: The Driftnet Edition, Cyber Researcher Gilad F. Maizles breaks down new SecurityScorecard research powered by the company’s acquisition of Driftnet, exposing widespread internet-facing risk inside a U.S. municipal utility provider that also operated as the town’s ISP. “Threat actors will always target the lowest hanging fruit.” Using the Driftnet engine, SecurityScorecard identified significantly more internet-facing services and attack paths than traditional methodologies.

Fireside Chat With TPRA: Three Hard Truths About TPRM in the Post-Mythos Era

Frontier AI models like Mythos have intensified the urgency to rethink cybersecurity. But for third-party risk teams, the harder question remains: how do we prioritize the actions that actually drive business outcomes? As TPRM becomes more tightly tied to business impact, resilience, continuity, and revenue protection, leaders need a clearer view of the hard truths shaping their programs.