%term

Salt Typhoon, The Shadow in the Digital Storm

Jan 23, 2025 By Anirban Banerjee In Riscosity

Salt Typhoon is suspected to be an Advanced Persistent Threat (APT) group. Their origins are linked to state-sponsored entities in Asia, leveraging their technical expertise to breach some of the world’s most critical telecom infrastructure. Unlike ransomware groups that aim for monetary gain, Salt Typhoon’s primary objective is espionage, focusing on data theft and surveillance.

Read Post

Riscosity

Read more about Salt Typhoon, The Shadow in the Digital Storm

The Future of Cybersecurity: Insights and Predictions for 2025

Jan 22, 2025 By Obrela In Obrela

2024 marked a transformative shift in cybersecurity with AI-driven solutions leading the charge. As the industry evolves, the stage is set for further advancements in automation, resilience, and governance in 2025, shaping a more secure and dynamic digital landscape.

Read Post

Obrela

Read more about The Future of Cybersecurity: Insights and Predictions for 2025

Instant Insights for SOC 2 Reporting: Using AI to Streamline Vendor Assessments

Jan 22, 2025 By Greg Keshian In BitSight

With technology supply chain risks at an all-time high, many governance, risk, and compliance (GRC) teams conduct formal risk assessments as part of their new vendor selection and onboarding processes. Audit-based reporting frameworks like SOC 2 are invaluable to these efforts, as they provide a consistent way to benchmark prospective vendors’ customer data management practices.

Read Post

BitSight

Read more about Instant Insights for SOC 2 Reporting: Using AI to Streamline Vendor Assessments

Bitsight VRM: Instant Insights for SOC 2

Jan 22, 2025 By BitSight In BitSight

Instantly summarize valuable insights from SOC 2 reports - through AI - to help assess & onboard vendors more quickly and at scale.

View Video

BitSight

Read more about Bitsight VRM: Instant Insights for SOC 2

Tanium Integrated Risk Management for ServiceNow

Jan 22, 2025 By Tanium In Tanium

Tanium Integrated Risk Management (IRM) for ServiceNow integrates real-time data and automation to enhance compliance management, streamline risk assessments, proactively alert on critical risk events, and provide comprehensive visibility into enterprise risk posture.

View Video

Tanium

Read more about Tanium Integrated Risk Management for ServiceNow

Demo: Tanium Integrated Risk Management for ServiceNow

Jan 22, 2025 By Tanium In Tanium

Tanium Integrated Risk Management (IRM) for ServiceNow integrates real-time data and automation to enhance compliance management, streamline risk assessments, proactively alert on critical risk events, and provide comprehensive visibility into enterprise risk posture.

View Video

Tanium

Read more about Demo: Tanium Integrated Risk Management for ServiceNow

Why CASB Solutions Are Unsuitable for Detecting AI Usage in Organizations

Jan 22, 2025 By Anirban Banerjee In Riscosity

Cloud Access Security Brokers (CASBs) are essential tools for many enterprises, acting as intermediaries between users and cloud services to provide visibility, enforce security policies, and ensure compliance. While CASBs excel at managing traditional SaaS (Software-as-a-Service) applications, they fall short when it comes to detecting and managing the use of AI tools within an organization.

Read Post

Riscosity

Read more about Why CASB Solutions Are Unsuitable for Detecting AI Usage in Organizations

Stop Demonizing CVSS: Fix the Real Problem

Jan 22, 2025 By Scott Kuffer In Nucleus

If you read the newest risk-based vulnerability management literature, it appears we have a new favorite punching bag: the Common Vulnerability Scoring System (CVSS). You seemingly can’t throw a rock into the “vuln-o-sphere” without hitting someone dunking on CVSS or the National Vulnerability Database (NVD). The argument goes something like this: “Exploitation rates are up, ransomware is surging, and vulnerabilities are multiplying like rabbits.

Read Post

Nucleus

Read more about Stop Demonizing CVSS: Fix the Real Problem

The Complexities of AI for Privacy and Compliance Officers

Jan 21, 2025 By Anirban Banerjee In Riscosity

CPOs oversee an organization’s compliance with data privacy laws, such as the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and sector-specific regulations like HIPAA. Key responsibilities include.

Read Post

Riscosity

Read more about The Complexities of AI for Privacy and Compliance Officers

Shaping our 2025 Data Engine Priorities: Industry Evolution and Customer Feedback

Jan 21, 2025 By Brian Mulligan In BitSight

The effectiveness of external attack surface management (EASM) and third-party risk management (TPRM) capabilities hinges on the depth, breadth, and timeliness of the underlying data they are based on. For this reason, Bitsight makes a significant ongoing investment in: The introduction of Bitsight’s next-generation data engine enabled many improvements to our capabilities across all of these areas throughout 2024.

Read Post