The saying "Penny-wise, pound-foolish" is relevant when we talk to those friendly, knowledgeable finance people about ongoing employee screening due to the dreaded insider threat and the costs associated with it - which leads to us pulling out our hair in utter frustration. This rant is about that.
Michael Lines is working with Information Security Media Group to promote awareness of the need for cyber risk management, and as a part of that initiative, the CyberEdBoard will post draft chapters from his upcoming book, "Heuristic Risk Management: Be Aware, Get Prepared, Defend Yourself."
A global pandemic has transformed the way companies operate, increasing reliance on remote work and cloud-based services. These transformations, however, increase the number of digital risks enterprises are exposed to. The overall lack of control and visibility of cloud-based services, shadow IT, and unsecure internet...
CyberEdBoad excutive member Alan Ng of China Taiping Insurance, Singapore, explains the enterprise risk management strategy for the pandemic era and how the Distributed, Immutable and Ephemeral triad works with the Confidentiality, Integrity and Availability triad to make organizations more secure.
As we see more businesses adopt outsourced services/solutions providers and become increasingly reliant on third-party vendors, organizations inevitably intensify workload to their teams involved in the management of these third parties. This extended ecosystem creates a silent threat, expands the attack surface of...
Being exposed to cyber risk is an inevitable part of doing business in today’s world. Building and maintaining a strong cybersecurity program requires constant vigilance, making the process of measuring performance over time quite challenging: What measurement standard should you strive for, and why? And how does...
In this video, LogicGate and Protiviti explores the fundamentals of risk quantification and highlight how the practice empowers you to leverage the power of risk confidently and strategically.
Risk can be a confusing topic, summarized in heatmaps with low, medium, and high as the most accurate indicators.
While valuable to GRC pros, it’s only a small piece of the puzzle. And, more importantly, it’s decidedly not speaking the same language as the rest of the organization.
Risk professionals can now...
Managing risks begins with measuring risks. But how do you measure risks accurately? How do you share your findings in a meaningful way to both technical and non-technical audiences?
When measuring risk, the focus should be on what’s meaningful to your audience. And for the most important decisions about...
A flurry of hacking incidents and other recent breach developments highlight the cyberthreats and risks facing fertility healthcare and other related specialty providers that handle sensitive patient information.
In today’s world, cyberattacks are commonplace, and countless organizations have had to deal with the fallout of a breach. Luckily, there are many cybersecurity solutions that can help decrease risk, but how do you know if your organization’s security controls will be up to the task?
This is where penetration...
Dragos is currently tracking 3000+ Common Vulnerabilities and Exposures (CVEs) that affect ICS/OT networks. Of those, more than 400 CVEs have at least one publicly available exploit. Public exploits affect every level of an industrial environment, providing adversaries pre-packaged tools capable of infiltrating an...
In today’s modern work environment, desktop virtualization has skyrocketed to the top of the list of IT priorities. Business leaders need to deliver virtual desktops and apps that offer the flexibility to respond to rapidly changing demands without the complexities associated with managing on-premises...
Organizations are moving to the cloud to take advantage of economies of scale, global reach, and to set the foundation for innovation in their business. Yet, despite the obvious benefits, IT leads are facing a number of challenges, such as:
Analyzing which cloud model is best for their business ;...
Merger and acquisition activity picked up in September with BitSight, Tenable and Mastercard, all making deals. Moody's became BitSight's largest shareholder after making a $250 million investment in the company.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.
