Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

UpGuard

How to Integrate HECVAT into VRM Programs

‍HECVAT (Higher Education Community Vendor Assessment Toolkit) is a security assessment questionnaire that measures the cybersecurity risk of third-party vendors for higher education institutions. It helps universities ensure that their third-party vendors have implemented proper security practices and policies, which are measured against a comprehensive list of security controls, to protect the large amounts of sensitive data and personally identifiable information (PII) they manage.

What Makes an Effective and Successful CISO?

A CISO (chief information security officer) is a company's senior executive responsible for developing, managing, and implementing its organization’s security program and improving its cybersecurity posture. The CISO oversees the information security programs, protects organizational data and assets, develops IT infrastructures, builds security teams, and handles the overall IT security of the company.

Top Cybersecurity Regulations in India [Updated 2022]

India’s ever-expanding digital infrastructure in the wake of the pandemic has escalated the demand for new, updated, and improved regulatory mandates for strengthening cybersecurity. Rampant cybersecurity incidents have been occurring weekly, alarming businesses, organizations, and individuals across India.

How Did LAUSD Get Hacked in 2022?

Vice Society, the cybercriminal gang responsible for the attack, is believed to have used internal login credentials leaked on the dark web to access LAUSD’s network and launch the ransomware attack. Twenty-three internal LAUSD credentials were leaked on the dark web leading up to the attack, with at least one set granting access to LAUSD’s Virtual Private Network (VPN).

What Caused the Uber Data Breach in 2022?

The Uber data breach began with the purchase of stolen credentials belonging to an Uber employee from a dark web marketplace. The hacker tried to log into Uber’s network with these credentials but was unsuccessful because the account was protected by MFA. To overcome this security barrier, the hacker contacted the employee and, while pretending to be a member of Uber’s security team, asked them to accept the MFA push notification sent to their phone.

The Baseline Requirements of the RBI Cyber Security Framework

Financial institutions are amongst the most highly targeted organizations for cyber security attacks. To address this, the Reserve Bank of India (RBI) has outlined a list of controls, known as the RBI Guidelines for Cyber Security Framework, for banks to achieve a minimum recommended baseline of cyber attack resilience. Each area carries several detailed specifications from the list of controls outlined by the Reserve Bank of India.

What is Dark Web Monitoring? Tracking Data Leaks & Breaches

‍Dark web monitoring is the process of tracking your organization’s information on the dark web. Dark web monitoring solutions can scan through billions of pages on the internet to find leaked or stolen information, such as compromised passwords, credentials, intellectual property, and other sensitive data being shared and sold among cybercriminals operating on the dark web.