IT and Risk - Information Management Today

The Concentrated Cyber Risk Posed by Enormous Vendors

Data Breach Today

MARCH 13, 2024

The vast healthcare ecosystem disruption caused by the recent attack on Change Healthcare, which affected more than 100 of the company's IT products and services, underscores the concentrated cyber risk when a major vendor suffers a serious cyber incident, said Keith Fricke, partner at tw-Security.

Risk

Risk Security IT

OpenAI Formulates Framework to Mitigate 'Catastrophic Risks'

Data Breach Today

DECEMBER 19, 2023

A Preparedness Team Will Warn of Current, Future Dangers in the Firm's AI Models OpenAI on Monday released a framework it says will help assess and protect against the "catastrophic risks" posed by the "increasingly powerful" AI models it develops. "We

Risk

Risk IT

Mimecast Acquires Elevate Security to Address Human Risk

Data Breach Today

JANUARY 5, 2024

Company Plans to Enhance Digital Workplace Protection With Behavioral Analytics Mimecast announced the acquisition of human risk management solutions specialist Elevate Security as part of its initiative to enhance digital workplace protection.

Risk

Risk Analytics Security IT

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Experts Say Chinese Safes Pose Risks to US National Security

Data Breach Today

MARCH 14, 2024

Senator Urges Government to Tell Public About Little-Known Manufacturer Reset Codes Experts told ISMG that Chinese-made locks and commercial safes could pose national security risks when used by major U.S.

Risk

Risk Manufacturing Security Government

5 Early Indicators Your Embedded Analytics Will Fail

Many application teams leave embedded analytics to languish until something—an unhappy customer, plummeting revenue, a spike in customer churn—demands change. But by then, it may be too late. In this White Paper, Logi Analytics has identified 5 tell-tale signs your project is moving from “nice to have” to “needed yesterday.".

Analytics

GUEST ESSAY: Why internal IT teams are ill-equipped to adequately address cyber risks

The Last Watchdog

FEBRUARY 11, 2024

From identity theft to greater oversight on risk management, internal IT teams will be taking the brunt of these incoming regulations. Every industry is dealing with a myriad of cyber threats in 2024. It’s a tale as old as the first computer. When a technical issue arises, hand it over to IT. In fact, that’s most likely when they will happen.

Risk

Risk IT Financial Services Cybersecurity

US Regulators Warn of AI Risk to Financial Systems

Data Breach Today

DECEMBER 18, 2023

regulators for the first time detailed the risks artificial intelligence poses to the financial system and classified the technology as an "emerging vulnerability." The Financial Stability Oversight Council in its annual report flagged AI's ability to introduce "certain risks."

Risk

Risk Artificial Intelligence IT

Report Says CISA is Failing to Identify High-Risk Exploits

Data Breach Today

DECEMBER 19, 2023

CISA Failed to Include High-Risk Vulnerabilities in Known Exploit List, Report Says The Cybersecurity and Infrastructure Security Agency maintains an exhaustive list that the U.S.

Risk

Risk Cybersecurity Security IT

Mitigating AI Risks: UK Calls for Robust Guardrails

Data Breach Today

SEPTEMBER 4, 2023

Britain's Global AI Summit to Focus on Governance, Risk, International Standards The U.K. Goals of the event include detailing AI risks and opportunities, building effective frameworks for using AI safely, and setting international standards to manage AI risks and enforce norms.

Risk

Risk Artificial Intelligence Government IT

How to Package and Price Embedded Analytics

Just by embedding analytics, application owners can charge 24% more for their product. How much value could you add? This framework explains how application enhancements can extend your product offerings. Brought to you by Logi Analytics.

Analytics

Assessing the Privacy, Security Risks of Digital Health IT

Data Breach Today

JULY 18, 2022

A new assessment framework aims to help patients, healthcare providers and others examine the various privacy, security and other risks of digital health technologies, says Tim Andrews of the nonprofit Organization for the Review of Care and Health Applications, which co-developed the framework.

Risk

Risk Privacy Security IT

Experts Probe AI Risks Around Malicious Use, China Influence

Data Breach Today

SEPTEMBER 7, 2023

Senate Hearing Examines Misuse of Advanced AI Systems, Risks With Chinese Nationals The rise of artificial intelligence makes it easier for adversaries to harm the U.S. and introduces new risks around malicious insiders with loyalties to China, experts say during a Senate hearing.

Risk

Risk Artificial Intelligence IT

Zscaler Taps Generative AI to Measure Risk, Predict Breaches

Data Breach Today

NOVEMBER 27, 2023

Zscaler Brings Generative AI to Data Protection Bundles, Debuts Standalone AI Tools Zscaler infused generative AI features into its data protection bundles and is introducing AI-powered products that quantify risk and predict breaches, said CEO Jay Chaudhry.

Risk

Risk Cloud Security IT

NY AG Warns of ID Theft Risk in Medical Transcription Hack

Data Breach Today

NOVEMBER 30, 2023

Crouse Health Reveals It's Among PJ&A Clients Hit by Incident Affecting Millions New York regulators are warning millions of individuals of identity theft risks involving a data theft at a medical transcriber that has now affected patients of at least two major healthcare groups, including Crouse Health and Northwell Health in the state.

Risk

Risk IT

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. As a result, CEOs and C-suite professionals are becoming increasingly concerned about the impact of geopolitical risk on their businesses. So, what is geopolitical risk? How can you track geopolitical risk? But tracking it can be difficult.

Risk

Addressing Security Gaps and Risks Post-M&A in Healthcare

Data Breach Today

SEPTEMBER 8, 2023

In the aftermath of mergers and acquisitions among healthcare entities - and the resulting IT integration and cost-cutting moves - gaps in technology and skills and other gaps often put organizations at higher risk for attacks and other security incidents, said Jack Danahy of NuHarbor Security.

Risk

Risk Security IT

OT-IT Integration Raises Risk for Water Providers, Experts Say

Data Breach Today

APRIL 5, 2022

This comes as water providers see a big increase in the risk they face by connecting their legacy machines to the internet.

Risk

Risk IT Government Cybersecurity

GUEST ESSAY: Best practices to shrink the ever-present risk of Exchange Server getting corrupted

The Last Watchdog

FEBRUARY 5, 2024

One critical issue faced by organizations that rely on Exchange Server is the risk of a corrupt Exchange Server database cropping up. Navigating new risks Today, heavy reliance on cloud-centric IT infrastructure and cloud-hosted applications has become the norm. Here are a few ‘dos:’ •Rigorous vulnerability management.

Risk

Risk Cloud Communications Education

Threat Watch: Russia-Ukraine War Remains Top CISO Risk

Data Breach Today

JUNE 17, 2022

DXC Technology's Michael Baker on Top Threats, Recruitment Tips, Career Advice Threat watch: The ongoing Russia-Ukraine war continues to pose both direct and indirect risks to enterprise networks, says Michael Baker, vice president and IT CISO of IT services and consulting firm DXC Technology.

Risk

Risk IT

The Power of Storytelling in Risk Management

Speaker: Dr. Karen Hardy, CEO and Chief Risk Officer of Strategic Leadership Advisors LLC

Communication is a core component of a resilient organization's risk management framework. However, risk communication involves more than just reporting information and populating dashboards, and we may be limiting our skillset. Storytelling is the ability to express ideas and convey messages to others, including stakeholders.

Risk

RSA Spins Off Fraud and Risk Business

Data Breach Today

JUNE 10, 2021

New Stand-Alone Firm Is Tasked With Combatting Digital Commerce Fraud RSA Security LLC has spun off its fraud and risk intelligence business into a stand-alone company named Outseer. The new company will be led by Reed Taussig as CEO, and it will serve a worldwide customer and partner community.

Risk

Risk Security IT

Does Abandoning Embassy in Kabul Pose Cybersecurity Risks?

Data Breach Today

AUGUST 17, 2021

abandoning its embassy and other facilities in Afghanistan poses cyber risks, thanks to the emergency planning that was already in place, some security experts say. Security Experts Size Up Impact of US Rush to Leave Afghanistan It's unlikely that the U.S.

Risk

Risk Cybersecurity Security IT

GUEST ESSAY: Where we stand on mitigating software risks associated with fly-by-wire jetliners

The Last Watchdog

AUGUST 29, 2023

Here’s what you should know about the risks, what aviation is doing to address those risks, and how to overcome them. It is difficult to deny that cyberthreats are a risk to planes. Risks delineated Still, there have been many other incidents since. There was another warning from the U.S.

Risk

Risk Artificial Intelligence Cybersecurity Compliance

Cybersecurity Leadership: Risk Exposure Awareness

Data Breach Today

SEPTEMBER 22, 2020

CEOs and CISOs on Assessing and Mitigating the New Risk Landscape It might be new, but are we ready to call this "normal?" In this latest in a series of CEO/CISO panels, cybersecurity leaders talk frankly about the new risk surface and the role emerging technologies play in helping us keep pace with our adversaries.

Risk

Risk Cybersecurity IT

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

Uncover and mitigate various security risks that put sensitive customer and business data at risk — including identifying misconfigured SaaS settings and suspicious or malicious behavior. So, you’ve accomplished an organization-wide SaaS adoption.

Security

US Bank Regulator Weighs Stablecoin Risks and Benefits

Data Breach Today

APRIL 11, 2022

stablecoin, but there are also high risks associated with it. Some security experts question whether the technology has advanced enough and consider stablecoin risks. OCC's Hsu: Fraud Loss 'Pales in Comparison' to $2 Trillion Crypto Market Wealth Acting Comptroller of the Currency Michael J.

Risk

Risk Marketing Security IT

IoT Supply Chains: Where Risks Abound

Data Breach Today

NOVEMBER 16, 2020

ENISA Releases Guidance on Reducing IoT Supply Chain Risk IoT devices are like sausages: They're full of components of varying quality, and it's invariably disturbing to think about their origins. New guidance helps address how to reduce the risk of potentially vulnerable components in connected devices.

IoT

IoT Risk IT

Feds Allege Former IT Consultant Hacked Healthcare Company

Data Breach Today

MAY 26, 2022

Experts: Case Spotlights Critical, But Often Overlooked, Insider Threats, Risks A former IT consultant has been charged with allegedly hacking into a computer server of a healthcare company client that had months earlier denied him employment with the organization.

IT

IT Risk

GUEST ESSAY: Leveraging DevSecOps to quell cyber risks in a teeming threat landscape

The Last Watchdog

JANUARY 2, 2024

In today’s digital landscape, organizations face numerous challenges when it comes to mitigating cyber risks. Here are some of the key challenges that organizations encounter in their efforts to mitigate cyber risks in the current environment. Improve overall security posture and reduce cyber risks.

Risk

Risk Security awareness Education Compliance

Shift Left Security? Development Does Not Want to Own It.

Speaker: Shlomo Bielak, CTO, Benchmark Corp

How a belief that DevOps resources are jack of all trades can increase your risks, not lessen. What teams are now discovering is, this approach results in misdirected ownership for developers and a frustrated security team. In the current climate, we cannot afford to let security implementations falter.

Security

STEPS FORWARD Q&A: Will ‘proactive security’ engender a shift to risk-based network protection?

The Last Watchdog

OCTOBER 4, 2023

The Omdia analysts called out a a handful of key proactive methodologies: Risk-Based Vulnerability Management (RBVM), Attack Surface Management (ASM), and Incident Simulation and Testing (IST). RBVM solutions don’t merely identify vulnerabilities, it quantifies and prioritizes them, making risk management more strategic.

Risk

Risk Security Cloud Marketing

EU Parliament, Council Agree on Cybersecurity Risk Framework

Data Breach Today

MAY 16, 2022

NIS2 Directive Aims to Counter Increasing Cyberthreats to Europe The European Parliament and the Council of the European Union on Friday reached a provisional agreement to set a "baseline for cybersecurity risk management measures and reporting obligations."

Risk

Risk Cybersecurity Information Security Security

Critical Steps for Enhancing 3rd-Party Risk Management

Data Breach Today

APRIL 21, 2022

Recent security incidents involving third-party software, including Okta and Log4j, underscore the importance of healthcare entities taking steps to enhance their vendor risk management programs, says Chris Frenz, assistant vice president of IT security at Mount Sinai South Nassau.

Risk

Risk Security IT

Data Risk Governance: The BISO's Perspective

Data Breach Today

MAY 21, 2021

Patrick Benoit of CBRE on Necessary Ingredients for a Mature Program It's not just traditional data governance – it's about business risk. Patrick Benoit of CBRE gives the BISO's perspective on data risk governance. And in the age of GDPR and CCPA, you’d best have a handle on data discovery and classification.

Risk

Risk Government GDPR IT

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization. It is the tangents of this data that are vital to a successful change management process.

Risk

Ukraine's 'IT Army' Call-Up: Don't Try This at Home

Data Breach Today

MARCH 15, 2022

For starters, launching distributed denial-of-service attacks - at least from outside Ukraine - remains illegal and risks triggering an escalation by Moscow.

IT

IT Risk

Risk Management under the DORA Regulation

IT Governance

NOVEMBER 23, 2023

Three key DORA requirements There are three fundamental requirements to this regulation: Risk management Incident management Supply chain security These drive the other, lower-level requirements in DORA. The ICT risk management framework itself must be strategic, documented and reviewed at least annually.

Risk

Risk Data breaches Authentication Financial Services

Alleged HVAC Hack Shines Spotlight on OT Risks to Healthcare

Data Breach Today

AUGUST 18, 2021

HVAC Vendor Incident Said to Affect Its Boston Hospital Clients A hacking incident reportedly involving a Massachusetts-based vendor that provides HVAC systems to customers including several high profile Boston-area hospitals shines another spotlight on the growing cybersecurity risks involving IoT devices and OT equipment.

Risk

Risk IoT Cybersecurity IT

Turning climate risks into business opportunities

IBM Big Data Hub

MARCH 27, 2024

As businesses make plans to mitigate climate risks such as extreme weather events, they have an opportunity to innovate with new business models and demonstrate leadership by implementing more sustainable practices. What is climate risk? These risks can make it difficult or impossible for organizations to operate in affected locations.

Risk

Risk Artificial Intelligence Agriculture Financial Services

Why “Build or Buy?” Is the Wrong Question for Analytics

Partnering with an analytics development platform gives you the freedom to customize a solution without the risks and long-term costs of building your own. Every time an application team gets caught up in the “build vs buy” debate, it stalls projects and delays time to revenue. There is a third option.

Analytics

Report Urges NASA to Improve Cybersecurity Risk Management

Data Breach Today

JUNE 29, 2021

GAO Offers Recommendations to Improve Space Agency's Cyber Protections A government watchdog is urging NASA to make multiple improvements to its cybersecurity and risk management policies to counter threats to the space agency's network, infrastructure and data.

Risk

Risk Cybersecurity Government Security

Make ESG risk data more meaningful by viewing it through a new Lens

OpenText Information Management

OCTOBER 10, 2023

Business risk has rarely been higher than it is today. Political sanctions, adverse news stories, sustainability issues and credit problems with customers or suppliers can put your company at risk of reputational or financial harm.

Risk

Risk IT

On the Catastrophic Risk of AI

Schneier on Security

JUNE 1, 2023

Earlier this week, I signed on to a short group statement , coordinated by the Center for AI Safety: Mitigating the risk of extinction from AI should be a global priority alongside other societal-scale risks such as pandemics and nuclear war. Poses ‘Risk of Extinction,’ Industry Leaders Warn.”

Risk

Risk Artificial Intelligence Government Security

Data Breach Lawsuit Alleges Mismanagement of 3rd-Party Risk

Data Breach Today

JUNE 22, 2023

Proposed Class Action Filed Against Intellihartx in Wake of Fortra GoAnywhere Hack A proposed federal class action lawsuit alleges that patient debt collection software firm Intellihartx was negligent in its handling of third-party risk, contributing to a breach affecting nearly 490,000 individuals and involving a recent hack on its file transfer software (..)

Risk

Risk Data breaches IT

The Concentrated Cyber Risk Posed by Enormous Vendors

OpenAI Formulates Framework to Mitigate 'Catastrophic Risks'

Webinars

Trending Sources

Mimecast Acquires Elevate Security to Address Human Risk

Webinars

Experts Say Chinese Safes Pose Risks to US National Security

5 Early Indicators Your Embedded Analytics Will Fail

GUEST ESSAY: Why internal IT teams are ill-equipped to adequately address cyber risks

US Regulators Warn of AI Risk to Financial Systems

Report Says CISA is Failing to Identify High-Risk Exploits

Mitigating AI Risks: UK Calls for Robust Guardrails

How to Package and Price Embedded Analytics

Assessing the Privacy, Security Risks of Digital Health IT

Experts Probe AI Risks Around Malicious Use, China Influence

Zscaler Taps Generative AI to Measure Risk, Predict Breaches

NY AG Warns of ID Theft Risk in Medical Transcription Hack

How and Why Should You Be Tracking Geopolitical Risk?

Addressing Security Gaps and Risks Post-M&A in Healthcare

OT-IT Integration Raises Risk for Water Providers, Experts Say

GUEST ESSAY: Best practices to shrink the ever-present risk of Exchange Server getting corrupted

Threat Watch: Russia-Ukraine War Remains Top CISO Risk

The Power of Storytelling in Risk Management

RSA Spins Off Fraud and Risk Business

Does Abandoning Embassy in Kabul Pose Cybersecurity Risks?

GUEST ESSAY: Where we stand on mitigating software risks associated with fly-by-wire jetliners

Cybersecurity Leadership: Risk Exposure Awareness

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

US Bank Regulator Weighs Stablecoin Risks and Benefits

IoT Supply Chains: Where Risks Abound

Feds Allege Former IT Consultant Hacked Healthcare Company

GUEST ESSAY: Leveraging DevSecOps to quell cyber risks in a teeming threat landscape

Shift Left Security? Development Does Not Want to Own It.

STEPS FORWARD Q&A: Will ‘proactive security’ engender a shift to risk-based network protection?

EU Parliament, Council Agree on Cybersecurity Risk Framework

Critical Steps for Enhancing 3rd-Party Risk Management

Data Risk Governance: The BISO's Perspective

Successful Change Management with Enterprise Risk Management

Ukraine's 'IT Army' Call-Up: Don't Try This at Home

Risk Management under the DORA Regulation

Alleged HVAC Hack Shines Spotlight on OT Risks to Healthcare

Turning climate risks into business opportunities

Why “Build or Buy?” Is the Wrong Question for Analytics

Report Urges NASA to Improve Cybersecurity Risk Management

Make ESG risk data more meaningful by viewing it through a new Lens

On the Catastrophic Risk of AI

Data Breach Lawsuit Alleges Mismanagement of 3rd-Party Risk

Stay Connected