%term

How to build a cyber risk program that will lock hackers out

Jan 8, 2025 By One Identity In One Identity

Rob Kraczek, One Identity Global Strategist, explores how organizations can avoid becoming part of the 90% of organizations that are victims of cyberattacks by developing a cyber risk program. Most hackers look for the easiest and most effective way to hack your environment. In this video, Kraczek shares why every organization needs robust identity governance and administration (IGA), the core component of a cyber risk program, to prevent cyberattacks. Learn more about Risk in the World of Identity Governance.

View Video

One Identity

Read more about How to build a cyber risk program that will lock hackers out

Web Application Security for DevOps: Cross-Origin Resource Sharing (CORS) and Subresource Integrity (SRI)

Jan 8, 2025 By Chris Poulin In BitSight

With all of that background from parts 1, 2, and 3 of this series out of the way, let's turn to some practical considerations for real-world web applications. The inherent security restrictions for resources, including cookies and JavaScript, assume that each website contains all of its functionality in one neat, isolated package. But websites often contain content and functionality from multiple websites that trust each other.

Read Post

BitSight

Read more about Web Application Security for DevOps: Cross-Origin Resource Sharing (CORS) and Subresource Integrity (SRI)

Kovrr's Top 9 Cyber Loss Scenarios: A Year In Review

Jan 8, 2025 By Kovrr In Kovrr

‍ ‍While each organization faces its own unique set of cyber risks that must be carefully assessed and managed in order to reach a state of resilience, certain events are nearly inevitable in today's threat environment, having the potential to create damaging ripple effects across the global market. Early in 2024, Kovrr's cyber risk quantification models identified these potential cyber incidents and loss scenarios most likely to impact organizations worldwide in the upcoming year.

Read Post

Kovrr

Read more about Kovrr's Top 9 Cyber Loss Scenarios: A Year In Review

5 ways a Human Risk Management Platform could support SaaS Security Posture Management

Jan 8, 2025 By The CultureAI Team In CultureAI

Software as a Service (SaaS) applications have become indispensable for organisations in today's digital landscape. From collaboration tools enabling better communication, to SaaS applications that streamline operations, enhance productivity, and support remote work. However, their convenience comes with significant security challenges—many of which stem from human errors, insider threats, and inadequate configuration practices.

Read Post

CultureAI

Read more about 5 ways a Human Risk Management Platform could support SaaS Security Posture Management

Understanding Operational Technology (OT) and Its Security Challenges

Jan 8, 2025 By Anirban Banerjee In Riscosity

However, the growing convergence of IT and OT due to digital transformation initiatives has exposed OT environments to a wide array of cybersecurity threats, creating an urgent need for robust and tailored security solutions.

Read Post

Riscosity

Read more about Understanding Operational Technology (OT) and Its Security Challenges

CVE-2024-4577: Windows Encoding Gone Wrong

Jan 7, 2025 By Diogo Ferreira In BitSight

At the beginning of June 2024, Bitsight TRACE started analyzing a new CISA KEV vulnerability that had just come out, with the goal of creating a detection capability that could be implemented on an Internet-wide scale.

Read Post

BitSight

Read more about CVE-2024-4577: Windows Encoding Gone Wrong

Looking Back: What We Learned in 2024

Jan 6, 2025 By Corey Tomlinson In Nucleus

Looking back on 2024 to start the new year, we had the great opportunity to host and be part of several conversations and demonstrations that we hope were valuable learning opportunities for everyone who joined us. Let’s take a moment to review some of the highlights from those 2024 events before we leap into 2025.

Read Post

Nucleus

Read more about Looking Back: What We Learned in 2024

The Importance of Risk Management in Property Renovations

Dec 31, 2024 By SecuritySenses In SecuritySenses

Renovating older properties can be both rewarding and thrilling projects, from renovating historic homes to modernizing commercial structures. Unfortunately, renovating older structures often comes with hidden dangers that turn a project into an unsafe undertaking - specifically with regards to asbestos, lead, and mold present within older structures - meaning risk management for every renovation is essential in keeping everyone involved safe during every renovation endeavor.

Read Post

SecuritySenses

Read more about The Importance of Risk Management in Property Renovations

UpGuard's Updated Cyber Risk Ratings

Dec 30, 2024 By Nicholas Sollitto In UpGuard

Each year, we revisit our risk rating system to ensure it best reflects the needs of security practitioners safeguarding their organizations and supply chains. For our recentupdate, we’ve made two closely related changes: we’ve recategorized some of our existing findings to make an organization’s risk profile more understandable and recalibrated our scoring algorithm to more clearly illustrate the impact of specific risks.

Read Post

UpGuard

Read more about UpGuard's Updated Cyber Risk Ratings

Human Factors in Cybersecurity in 2025

Dec 30, 2024 By Edward Kost In UpGuard

Humans are often regarded as the weakest link in a cybersecurity program. Whether resulting from manipulative cybersecurity tactics or limited cybersecurity awareness, human errors remain the most prevalent attack vectors in every information security program, no matter how sophisticated your cybersecurity stack may be.

Read Post