Expert insights. Personalized for you.
Mark Sangster of eSentire Shares Lessons Learned Third-party vendor risk continues to pose a security challenge to organizations. Despite many having formal policies for managing third-party risk, almost half of organizations say they've suffered a data breach that traces to a third-party vendor, says Mark Sangster of eSentire MORE
A Study on Usability and Security Perceptions of Risk-based Authentication “: Abstract : Risk-based Authentication (RBA) is an adaptive security measure to strengthen password-based authentication. I’ve blogged about risk-based authentication before. MORE
A Fraud Manager Describes the Roles of Artificial Intelligence, Machine Learning Artificial intelligence and machine learning offer the best hope for addressing the risks posed by synthetic identities, says Justin Davis, fraud manager at Digital Federal Credit Union MORE
Federal Reserve Requires Bank's Board to Take Action The Treasury Department's Office of the Comptroller of the Currency has hit Citibank with a $400 million fine for deficiencies in enterprisewide risk management, compliance risk management, data governance and internal controls. MORE
Many healthcare organizations are failing to address shortcomings in security risk management for their supply chains, says former healthcare CIO David Finn, describing findings of a recent study assessing the state of cybersecurity in the sector MORE
Stuart Schechter writes about the security risks of using a password manager. My particular choices about security and risk is to only store passwords on my computer -- not on my phone -- and not to put anything in the cloud. In my way of thinking, that reduces the risks of a password manager considerably. passwordsafe passwords riskassessment risks MORE
Glitch Briefly Allowed Potential Access to Patient Consultation Recordings A software error that briefly allowed individuals to access other patients' telehealth appointment recordings serves as a reminder of the potential security and privacy risks involving telemedicine applications, especially as the use of the technology soars during the COVID-19 pandemic MORE
The growing use of biometric technology is raising concerns about privacy as well as identity theft and fraud, says attorney Paul Hales, who reviews recent legal and legislative developments MORE
Implementing an adaptive, risk-based authentication process for remote system access is proving effective as more staff members work from home during the COVID-19 pandemic, says Ant Allan, a vice president and analyst at Gartner MORE
Sunoo Park and Kendra Albert have published “ A Researcher’s Guide to Some Legal Risks of Security Research.” Our Guide gives the most comprehensive presentation to date of this landscape of legal risks, with an eye to both legal and technical nuance. MORE
As ransomware and other cyberattacks on healthcare organizations surge, the potential risks to medical devices are growing, says Kelly Rozumalski, director of secure connected health initiatives at the consulting firm Booz Allen Hamilton, who discusses risk mitigation efforts MORE
Cybersecurity researchers report on the security and privacy risks of leaving a Tesla Backup Gateway exposed to the Internet MORE
Your organization's risk surface may be larger than you think. Your organization's risk surface is larger than you think. How can you get a handle on what risks exist, where they reside, and which ones are most important to resolve immediately MORE
Bureau Says Attackers Can Use Vulnerable RDP Connections to Access Networks The FBI is warning organizations that are still using Microsoft Windows 7 they are in danger of attackers exploiting vulnerabilities in the unsupported operating system to gain network access. MORE
The NSA has issued an advisory on the risks of location data. Mitigations reduce, but do not eliminate, location tracking risks in mobile devices. Users should be aware of these risks and take action based on their specific situation and risk tolerance. MORE
As healthcare organizations navigate the COVID-19 crisis, they should take critical steps to improve their security posture and third-party security risk governance, says consultant Brenda Ferraro, the former CISO at Meritain Health, an Aetna subsidiary MORE
How can they best understand and mitigate their risks? Kelly White of RiskRecon on How to Track What's Being Missed In the expanded, virtual enterprise, security leaders face the challenge of defending an ever more complicated attack surface. Kelly White of RiskRecon shares insights MORE
Dallas County CISO Michael Anderson on Risk Management and Resiliency Dallas County, one of the 10 largest counties in the U.S., was accustomed to an entirely on-premises workforce. Then came the pandemic. MORE
ServiceNow's Vasant Balasubramanian on Digital Transformation Integrated risk management and compliance offerings are moving to the cloud in a significant way to keep pace with digital transformation, says Vasant Balasubramanian of ServiceNow MORE
Researchers Find Widespread Vulnerabilities in These Diagnostic Devices New research has uncovered widespread vulnerabilities in wireless dongles that plug into a vehicle's OBD-II port. MORE
Josh Magri of the Cyber Risk Institute Describes Enhancements to 'Cyber Profile' The Cyber Risk Institute this week is releasing a new version of its "Cyber Profile" risk assessment framework for the financial services industry that includes expanded information on third-party risk and cloud security. MORE
What privacy and security issues are raised by patients using smartphone apps to access health records? Attorney Helen Oscislawski and security expert Jarrett Kolthoff offer an analysis MORE
Meridian Credit Union's Saif Nawaz on Using New Technologies As synthetic ID fraud in the financial services sector continues to rise next year, organizations must use new technologies to mitigate the risks, says Saif Nawaz of Meridian Credit Union in Canada MORE
Web Security data risk insider risks remote workWith Stanford research showing that nearly half of the U.S. labor force is now working from home full-time, insider threats are a much more difficult problem. MORE
ENISA Releases Guidance on Reducing IoT Supply Chain Risk IoT devices are like sausages: They're full of components of varying quality, and it's invariably disturbing to think about their origins. MORE
This is all a prelude to saying that I have been paying a lot of attention to the COVID-related risks of flying. I think that most of the risk is pre-flight, in the airport: crowds at the security checkpoints, gates, and so on. airtravel covid19 riskassessment risksI fly a lot. Over the past five years, my average speed has been 32 miles an hour. That all changed mid-March. MORE
Jeffrey Edwards of Progress Software on Ensuring Privacy File transfers are a significant factor in accidental insider risk. Jeffrey Edwards of Progress Software explains how secure file transfers can help ensure privacy and play a role in regulatory compliance MORE
Jeff Schilling of Teleperformance on Risk Management During COVID-19 Pandemic Jeff Schilling, global CISO at Teleperformance, a Paris-based company offering digitally integrated business services worldwide, describes four principles for mitigating security risks for the remote workforce during the COVID-19 pandemic. MORE
Good essay on the security risks -- to democratic discourse -- of chatbots. lies nationalsecuritypolicy propaganda risks MORE
Former NSA CISO on Reassessing Security Infrastructure As organizations that shifted to a remote workforce consider allowing some workers to return to the office environment, CISOs must reassess their security infrastructures, says Chris Kubic of Fidelis Cybersecurity, who formerly was CISO at the National Security Agency. MORE
With the surge in telehealth use during the COVID-19 pandemic, healthcare organizations must be prepared to deal with cloud security and privacy risks, says Jim Angle of Trinity Health, who is the author of a recent report from the Cloud Security Alliance MORE
Learn about trends in information security risk assessment that align with business risk. This webinar explores communication challenges around information security, the typical journey organizations are taking to bring information risk management into the broader umbrella of business risk management, and the advantages accruing to organizations as they mature their information risk management programs MORE
CEOs and CISOs on Assessing and Mitigating the New Risk Landscape It might be new, but are we ready to call this "normal?" MORE
Risk Related Topics Schneier on Security
OCTOBER 5, 2020
A Study on Usability and Security Perceptions of Risk-based Authentication “: Abstract : Risk-based Authentication (RBA) is an adaptive security measure to strengthen password-based authentication. I’ve blogged about risk-based authentication before.
Data Breach Today
NOVEMBER 19, 2020
Meridian Credit Union's Saif Nawaz on Using New Technologies As synthetic ID fraud in the financial services sector continues to rise next year, organizations must use new technologies to mitigate the risks, says Saif Nawaz of Meridian Credit Union in Canada
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
NOVEMBER 16, 2020
ENISA Releases Guidance on Reducing IoT Supply Chain Risk IoT devices are like sausages: They're full of components of varying quality, and it's invariably disturbing to think about their origins.
Data Breach Today
SEPTEMBER 22, 2020
CEOs and CISOs on Assessing and Mitigating the New Risk Landscape It might be new, but are we ready to call this "normal?"
Advertiser: UserTesting
Agile has become the go-to methodology for companies that want to reduce the risk involved in shipping new products. But how do you prevent building items nobody wants? If you wait to get user feedback until after development, then you’ve waited too long.
Schneier on Security
OCTOBER 30, 2020
Sunoo Park and Kendra Albert have published “ A Researcher’s Guide to Some Legal Risks of Security Research.” Our Guide gives the most comprehensive presentation to date of this landscape of legal risks, with an eye to both legal and technical nuance.
|
Data Breach Today
JULY 24, 2020
As ransomware and other cyberattacks on healthcare organizations surge, the potential risks to medical devices are growing, says Kelly Rozumalski, director of secure connected health initiatives at the consulting firm Booz Allen Hamilton, who discusses risk mitigation efforts
Data Breach Today
NOVEMBER 10, 2020
Josh Magri of the Cyber Risk Institute Describes Enhancements to 'Cyber Profile' The Cyber Risk Institute this week is releasing a new version of its "Cyber Profile" risk assessment framework for the financial services industry that includes expanded information on third-party risk and cloud security.
Data Breach Today
OCTOBER 12, 2020
A Fraud Manager Describes the Roles of Artificial Intelligence, Machine Learning Artificial intelligence and machine learning offer the best hope for addressing the risks posed by synthetic identities, says Justin Davis, fraud manager at Digital Federal Credit Union
Data Breach Today
SEPTEMBER 4, 2020
What privacy and security issues are raised by patients using smartphone apps to access health records? Attorney Helen Oscislawski and security expert Jarrett Kolthoff offer an analysis
Advertiser: UserTesting
Up to 80% of new products fail. The reality is harsh and the reasons why are endless. Perhaps the new product couldn’t oust a customer favorite. Maybe it looked great but was too hard to use. Or, despite being a superior product, the go-to-market strategy failed. There’s always a risk when building a new product, but you can hedge your bets by understanding exactly what your customers' expectations truly are at every step of the development process.
|
Schneier on Security
JUNE 24, 2020
This is all a prelude to saying that I have been paying a lot of attention to the COVID-related risks of flying. I think that most of the risk is pre-flight, in the airport: crowds at the security checkpoints, gates, and so on. airtravel covid19 riskassessment risksI fly a lot. Over the past five years, my average speed has been 32 miles an hour. That all changed mid-March.
Data Breach Today
OCTOBER 16, 2020
Many healthcare organizations are failing to address shortcomings in security risk management for their supply chains, says former healthcare CIO David Finn, describing findings of a recent study assessing the state of cybersecurity in the sector
Data Breach Today
OCTOBER 13, 2020
Deloitte's Julian Colborne-Baber Offers Due Dilligence Insights for Financial Institutions Managing third-party risks must start with due diligence activities, and technology can play an important role, says Julian Colborne-Baber, forensic partner at Deloitte in the U.K.
Data Breach Today
NOVEMBER 24, 2020
Employee Indicted for ID Theft, Medicaid Fraud Federal prosecutors have indicted an employee of a Florida medical billing company in a case involving alleged identity theft and Medicaid fraud
Speaker: Shlomo Bielak, CTO, Benchmark Corp
Shifting security left to the earliest part of development is currently in the spotlight in the developer world. What teams are now discovering is, this approach results in misdirected ownership for developers and a frustrated security team. In the current climate, we cannot afford to let security implementations falter. It's time to manage your team's energies to maximize DevOps efficiency, all the while maintaining top security standards. Join Shlomo Bielak, and learn how to keep your DevSecOps team focused and connected without creating silos.
Data Breach Today
AUGUST 27, 2019
Mark Sangster of eSentire Shares Lessons Learned Third-party vendor risk continues to pose a security challenge to organizations. Despite many having formal policies for managing third-party risk, almost half of organizations say they've suffered a data breach that traces to a third-party vendor, says Mark Sangster of eSentire
Data Breach Today
AUGUST 12, 2020
Researchers Find Widespread Vulnerabilities in These Diagnostic Devices New research has uncovered widespread vulnerabilities in wireless dongles that plug into a vehicle's OBD-II port.
Data Breach Today
AUGUST 19, 2020
Implementing an adaptive, risk-based authentication process for remote system access is proving effective as more staff members work from home during the COVID-19 pandemic, says Ant Allan, a vice president and analyst at Gartner
Data Breach Today
OCTOBER 13, 2020
Federal Reserve Requires Bank's Board to Take Action The Treasury Department's Office of the Comptroller of the Currency has hit Citibank with a $400 million fine for deficiencies in enterprisewide risk management, compliance risk management, data governance and internal controls.
Speaker: Chris McLaughlin, Chief Marketing Officer and Chief Product Officer, Nuxeo
After 20 years of Enterprise Content Management (ECM), businesses still face many of the same challenges with finding and managing information. Join Chris McLaughlin, CMO and CPO of Nuxeo, as he examines four common business challenges that these legacy ECM systems pose and how they can be addressed with a more modern approach.
Data Breach Today
OCTOBER 8, 2019
Jeffrey Edwards of Progress Software on Ensuring Privacy File transfers are a significant factor in accidental insider risk. Jeffrey Edwards of Progress Software explains how secure file transfers can help ensure privacy and play a role in regulatory compliance
Dark Reading
NOVEMBER 19, 2020
Beginning the journey to risk management can be daunting, but protecting your business is worth every step
Data Breach Today
JULY 22, 2020
Former NSA CISO on Reassessing Security Infrastructure As organizations that shifted to a remote workforce consider allowing some workers to return to the office environment, CISOs must reassess their security infrastructures, says Chris Kubic of Fidelis Cybersecurity, who formerly was CISO at the National Security Agency.
Data Breach Today
AUGUST 14, 2020
With the surge in telehealth use during the COVID-19 pandemic, healthcare organizations must be prepared to deal with cloud security and privacy risks, says Jim Angle of Trinity Health, who is the author of a recent report from the Cloud Security Alliance
Schneier on Security
DECEMBER 5, 2018
Good essay on the security risks -- to democratic discourse -- of chatbots. lies nationalsecuritypolicy propaganda risks
Schneier on Security
JUNE 19, 2019
Stuart Schechter writes about the security risks of using a password manager. My particular choices about security and risk is to only store passwords on my computer -- not on my phone -- and not to put anything in the cloud. In my way of thinking, that reduces the risks of a password manager considerably. passwordsafe passwords riskassessment risks
Data Breach Today
AUGUST 25, 2020
Jeff Schilling of Teleperformance on Risk Management During COVID-19 Pandemic Jeff Schilling, global CISO at Teleperformance, a Paris-based company offering digitally integrated business services worldwide, describes four principles for mitigating security risks for the remote workforce during the COVID-19 pandemic.
Data Breach Today
MARCH 19, 2019
How can they best understand and mitigate their risks? Kelly White of RiskRecon on How to Track What's Being Missed In the expanded, virtual enterprise, security leaders face the challenge of defending an ever more complicated attack surface. Kelly White of RiskRecon shares insights
Data Breach Today
JULY 21, 2020
Dallas County CISO Michael Anderson on Risk Management and Resiliency Dallas County, one of the 10 largest counties in the U.S., was accustomed to an entirely on-premises workforce. Then came the pandemic.
Data Breach Today
JUNE 10, 2020
Glitch Briefly Allowed Potential Access to Patient Consultation Recordings A software error that briefly allowed individuals to access other patients' telehealth appointment recordings serves as a reminder of the potential security and privacy risks involving telemedicine applications, especially as the use of the technology soars during the COVID-19 pandemic
Data Breach Today
SEPTEMBER 19, 2018
But with increased speed comes greater risks, says Chris Eng of CA Veracode, who offers insights on mitigating those risks Chris Eng of CA Veracode on Best Practices Open source and third-party components help developers build and deploy applications faster.
Data Breach Today
MARCH 19, 2020
ServiceNow's Vasant Balasubramanian on Digital Transformation Integrated risk management and compliance offerings are moving to the cloud in a significant way to keep pace with digital transformation, says Vasant Balasubramanian of ServiceNow
Data Breach Today
JULY 26, 2019
Learn about trends in information security risk assessment that align with business risk. This webinar explores communication challenges around information security, the typical journey organizations are taking to bring information risk management into the broader umbrella of business risk management, and the advantages accruing to organizations as they mature their information risk management programs
Schneier on Security
AUGUST 6, 2020
The NSA has issued an advisory on the risks of location data. Mitigations reduce, but do not eliminate, location tracking risks in mobile devices. Users should be aware of these risks and take action based on their specific situation and risk tolerance.
Data Breach Today
DECEMBER 7, 2018
Your organization's risk surface may be larger than you think. Your organization's risk surface is larger than you think. How can you get a handle on what risks exist, where they reside, and which ones are most important to resolve immediately
Data Breach Today
AUGUST 5, 2020
Bureau Says Attackers Can Use Vulnerable RDP Connections to Access Networks The FBI is warning organizations that are still using Microsoft Windows 7 they are in danger of attackers exploiting vulnerabilities in the unsupported operating system to gain network access.
Data Breach Today
APRIL 16, 2020
As healthcare organizations navigate the COVID-19 crisis, they should take critical steps to improve their security posture and third-party security risk governance, says consultant Brenda Ferraro, the former CISO at Meritain Health, an Aetna subsidiary
Threatpost
OCTOBER 20, 2020
Web Security data risk insider risks remote workWith Stanford research showing that nearly half of the U.S. labor force is now working from home full-time, insider threats are a much more difficult problem.
Dark Reading
NOVEMBER 17, 2020
Cybersecurity researchers report on the security and privacy risks of leaving a Tesla Backup Gateway exposed to the Internet
172 
Let's personalize your content