The ubiquitous CrowdStrike incident resulted in a major diversion of resources, with some hard-hit organizations assigning almost all of their IT and security personnel to damage control. As a CISO of an impacted organization, you will likely be required to answer for a lack of resilience to this type of event. To support your decision-making as you reevaluate your resilience budgets, this post outlines four resilience strategies based on key learnings from the CrowdStrike event.

SolarWinds, MOVEit, Knight Capital, and now CrowdStrike. The vendor ecosystem will remain a major playing field for operational disruptions. But are you ready for the next inevitable event? As a CISO, your response to such a question from the board shouldn't be anything less than a resounding "Yes!" Here are five plans of action to help your organization survive the next major IT quake, whether it's due to another rusty security update or a third-party breach.

In the early morning of July 19, a software update to CrowdStrike’s Falcon sensor started to cause one of the most extensive IT outages in history, affecting several industry sectors, including financial services, healthcare, transportation, and others. According to CrowdStrike, the outage stemmed from “a defect found in a Falcon content update for Windows hosts.” At this point, the software update has not affected Mac and Linux systems.

Cybersecurity regulations often include audits that assess and strengthen an organization’s defenses against increasing cyber threats. In the United States, various cybersecurity regulations, including HIPAA, SOX, PCI DSS, and more, require audits. Each audit ensures your organization meets the required standards outlined in the regulation while also strengthening its overall cybersecurity framework.

Over the last decade, cybersecurity has emerged as a critical concern for financial institutions. With cyberattacks increasing in frequency and sophistication, it has become imperative for institutions in the financial sector to safeguard sensitive data and implement robust data protection measures. The Dodd-Frank Wall Street Reform and Consumer Protection Act, commonly known as the Dodd-Frank Act, plays a crucial role in regulating the American financial services industry.

OpenSSH server is currently exposed to a dangerous vulnerability that, if exploited, could grant cybercriminals full system access without user interaction. This post provides an overview of CVE-2024-6387 and suggests remediation responses to mitigate its impact.

India's National Cyber Security Policy 2013 is a comprehensive framework designed to fortify the nation's cyber infrastructure and safeguard its digital frontiers. The policy aims to address the complexities of cyber threats and enhance cyberspace's security and resilience through various key components and targeted strategies.

In an era when digital transformation is reshaping economies and societies, the threat of cybercrime has become a significant concern. India, with its growing digital ecosystem, is particularly vulnerable to a wide range of cyber threats. In response to these challenges, the state of Maharashtra launched an ambitious initiative - the Maharashtra Cyber Security Project.

The SWIFT Customer Security Controls Framework (CSCF) is a key global cybersecurity framework that provides recommended and mandatory security controls for banking institutions that use the SWIFT banking system. The framework is designed to help financial institutions improve their cyber resilience and ensure that participants within the SWIFT network adhere to a stringent set of security compliance standards. Find out how UpGuard helps the financial services industry meet compliance standards >

Modern business operations have become synonymous with outsourcing to vendors, as essentially every business relies on at least a few third-party partnerships to improve efficiency and enhance capabilities. However, these partnerships also present various cybersecurity risks that can negatively impact an organization’s performance, reputation, and compliance with industry regulations and standards. To mitigate these risks, organizations must develop a robust Vendor Risk Management (VRM) process.