Risk Management

Threat Intelligence and Data Privacy: Balancing Security with User Rights

Dec 21, 2023 By SecurityScorecard In SecurityScorecard

In today’s digital age, cybersecurity is an ever-present concern for businesses and individuals alike. The use of threat intelligence has become a cornerstone in the fight against cyber threats, offering invaluable insights for preventing attacks. However, this comes with its own set of challenges, particularly in terms of maintaining data privacy standards. This guide explores the delicate balance between leveraging threat intelligence for security and upholding user data privacy rights.

Read Post

SecurityScorecard

Read more about Threat Intelligence and Data Privacy: Balancing Security with User Rights

Hybrid Cloud vs. Multi-Cloud: What's the Difference?

Dec 21, 2023 By RiskOptics In RiskOptics

In the beginning, there was “the cloud.” The concept was a bit fuzzy around the edges (like all clouds), but compliance officers understood what the term meant. The cloud was the ability of one company to provide computing, storage, and networking capabilities to other companies via the Internet — whenever the customer needed those services, and as many services as needed. As cloud computing evolved, so did specializations.

Read Post

RiskOptics

Read more about Hybrid Cloud vs. Multi-Cloud: What's the Difference?

An Analysis of Menorah Malware

Dec 20, 2023 By SecurityScorecard In SecurityScorecard

SecurityScorecard is analyzing a phishing campaign that deployed the Menorah malware, which is taking aim at users in the Middle East. This sophisticated campaign is being mounted by the threat actor group tracked as APT34, which is linked to Iran. This group is known for its focus on collecting sensitive intelligence and taking on high-profile targets across the Middle East including critical infrastructure and telecommunications entities.

Read Post

SecurityScorecard

Read more about An Analysis of Menorah Malware

Navigating the 2024 Cybersecurity Conference Maze

Dec 20, 2023 By SecurityScorecard In SecurityScorecard

As the digital landscape evolves, so too must the professionals who safeguard it. Cybersecurity conferences are invaluable when it comes to networking, learning, and staying ahead of the ever-evolving threats. Whether you’re a seasoned cybersecurity professional or a newcomer to the field, attending these conferences can be a transformative experience.

Read Post

SecurityScorecard

Read more about Navigating the 2024 Cybersecurity Conference Maze

Blockchain Security

Dec 20, 2023 By SecurityScorecard In SecurityScorecard

The blockchain has emerged as a revolutionary technology with the potential to redefine how data is managed, stored, and shared. While initially associated with cryptocurrencies like Bitcoin, the blockchain’s applications extend far beyond finance, impacting industries ranging from healthcare to supply chain management. One of the blockchain’s key promises lies in ensuring data consistency, transparency, and privacy, critical elements in an interconnected and data-driven world.

Read Post

SecurityScorecard

Read more about Blockchain Security

Mapping COBIT to COSO

Dec 20, 2023 By RiskOptics In RiskOptics

The Sarbanes-Oxley Act (SOX) requires publicly traded companies to declare and adopt a framework that the business will use to “define and assess internal controls.” In response, most publicly traded companies have adopted one of two frameworks that meet the SOX requirements: the Committee of Sponsoring Organizations (COSO) internal control framework and the IT Governance Institute’s Control Objectives for Information and Related Technology (COBIT).

Read Post

RiskOptics

Read more about Mapping COBIT to COSO

Release Spotlight: Qualys PCS

Dec 20, 2023 By Gil Azaria In Nucleus

In the culinary world, the adage “too many cooks spoil the broth” warns of the chaos and disarray that can arise from too many opinions and actions in the kitchen. However, this concept takes an intriguing twist in the realm of cybersecurity.

Read Post

Nucleus

Read more about Release Spotlight: Qualys PCS

How to Operationalize Vulnerability Threat Intelligence

Dec 20, 2023 By Nucleus In Nucleus

With so many vulnerabilities to address and potential threats looming, how can organizations prioritize and respond effectively? Enter Vulnerability Threat Intelligence (VTI). This knowledge not only aids in pinpointing vulnerabilities but also shapes strategies for risk acceptance and rapid responses to zero-day threats. Join our webinar where Patrick Garrity from Nucleus Security, Caleb Hoch from Google, and Jared Semrau from Mandiant, uncover how to effectively leverage vulnerability threat intelligence (VTI).

View Video

Nucleus

Read more about How to Operationalize Vulnerability Threat Intelligence

Risk Mitigation for Organizations: The Complete Guide

Dec 20, 2023 By Laiba Siddiqui In Splunk

Running a business involves taking calculated risks — but unexpected events can have devastating consequences. Risk mitigation is a process that helps companies identify potential risks and take proactive measures to mitigate them. In this blog, we'll explore the importance of risk mitigation and how businesses can protect their assets, reputation, and financial stability.

Read Post

Splunk

Read more about Risk Mitigation for Organizations: The Complete Guide

The Ins and Outs of Application Security Policy

Dec 19, 2023 By Anirban Banerjee In Riscosity

A policy, by definition, is a statement of management intent that is mandatory for an organization. A security policy, obviously, focuses on the security of information assets.

Read Post