Risk Management

Understanding Insurance Risk

Insurance is essentially a sophisticated game of chance, where insurers evaluate the balance between the payouts they might need to make during the coverage period and the premiums they can charge. This delicate equilibrium hinges on risk assessment. When it comes to insuring against specific perils like fire, insurance companies send experts to scrutinize the safety measures in place. If your risk profile resembles a scene with candles, a furnace, and someone pouring gasoline, don't expect fire insurance because the risk here is simply too high.

Vendor Due Diligence Checklist: 5 Steps to Selecting a Third-Party

Third-party vendors can open the doors to growth and competitiveness, but they can also introduce operational, cyber, or financial risks. Whether you’re starting out or an established business, the process of selecting and onboarding a new vendor is a critical juncture that requires careful due diligence. But what information should you collect from your vendors, and how can you verify that it’s accurate?

Why a robust risk management and cyber resiliency plan is an absolute necessity

As we are in the midst of Cybersecurity Awareness Month, and in the lead-up to our own Secure Connected Future Summit which we are hosting in November, I feel that a lot of the focus when it comes to cybersecurity still tends to be on prevention tactics. However, I would argue that it is not just about having the right defensive cybersecurity tools in place, but it is also about understanding how the organisation will recover from an incident – how quickly and at what cost to the business.

SecurityScorecard Cybersecurity Data Incorporated into S&P Global Market Intelligence's Newly Launched Supplier Risk Indicator

The world around us is often a reflection of who we are and what we value. The same can be said for businesses. It’s no longer enough to be resilient, trustworthy, and secure your own organization; the companies you do business with need to meet these same standards.

Creating a Vendor Risk Summary Cybersecurity Report in 2023

A vendor risk report provides stakeholders with a snapshot of your Vendor Risk Management (VRM) performance. With concerns over the threat of supply chain attacks growing, cybersecurity reporting is evolving towards an increased focus on Vendor Risk Management program performance. Board members and senior management want to know how effectively your VRM initiatives are identifying and addressing vendor-related security risks.

Creating a Cybersecurity Report for Senior Management in 2023

A cybersecurity report shouldn’t be feared. Instead, it should be regarded as an opportunity to demonstrate the effectiveness of your cybersecurity program, and while management is brimming with delight over your efforts, maybe also a chance to sneak in a request for that cyber budget increase.

A Look at CISA's Top Routinely Exploited Vulnerabilities

Knowing what vulnerabilities interest malicious actors is a critical step in assessing the risk of vulnerabilities found in your environment. On August 3rd, CISA released their Top Routinely Exploited Vulnerabilities report for the year 2022, and it holds little surprise as to most of the culprits. Bugs tied to ransomware incidents continue to dominate the attention of the agencies behind these joint advisories, in hopes that the number of complete owns will diminish.

New from SEC: Cybersecurity Final Rule on Reporting Hits Third Party Risk

In one of the most important cybersecurity regulatory developments in recent memory, the U.S. Securities and Exchange Commission (SEC) recently adopted new cybersecurity requirements for publicly traded companies, creating new obligations for reporting “material” cybersecurity incidents and requiring more detailed disclosure of cybersecurity risk management, expertise, and governance. Companies are required to disclose risks in their annual reports beginning on December 15, 2023.

Kovrr Highlighted in Gartner's CRQ Category in Gartner Hype Cycle

Kovrr has been recognized in the Gartner Hype Cycle for Cyber Risk Management this year. We believe this recognition serves as a testament to our commitment to empowering enterprise decision-makers to manage cyber exposure more effectively with in-depth risk analyses.