Expert insights. Personalized for you.
Mark Sangster of eSentire Shares Lessons Learned Third-party vendor risk continues to pose a security challenge to organizations. Despite many having formal policies for managing third-party risk, almost half of organizations say they've suffered a data breach that traces to a third-party vendor, says Mark Sangster of eSentire MORE
California Medical Imaging Group Describes Data Exposure A California medical imaging group practice says vulnerabilities in its picture archiving and communications system left patient data at risk of unauthorized access for more than a year MORE
A Study on Usability and Security Perceptions of Risk-based Authentication “: Abstract : Risk-based Authentication (RBA) is an adaptive security measure to strengthen password-based authentication. I’ve blogged about risk-based authentication before. MORE
A Fraud Manager Describes the Roles of Artificial Intelligence, Machine Learning Artificial intelligence and machine learning offer the best hope for addressing the risks posed by synthetic identities, says Justin Davis, fraud manager at Digital Federal Credit Union MORE
applications to siphon data and access sensitive information from cloud platforms, and mitigating the risks is proving challenging, according to the security firm Proofpoint Proofpoint Sizes Up the Cloud Security Battle Attackers are increasingly using malicious OAuth 2.0 MORE
Stuart Schechter writes about the security risks of using a password manager. My particular choices about security and risk is to only store passwords on my computer -- not on my phone -- and not to put anything in the cloud. In my way of thinking, that reduces the risks of a password manager considerably. passwordsafe passwords riskassessment risks MORE
The growing use of biometric technology is raising concerns about privacy as well as identity theft and fraud, says attorney Paul Hales, who reviews recent legal and legislative developments MORE
As ransomware and other cyberattacks on healthcare organizations surge, the potential risks to medical devices are growing, says Kelly Rozumalski, director of secure connected health initiatives at the consulting firm Booz Allen Hamilton, who discusses risk mitigation efforts MORE
Sunoo Park and Kendra Albert have published “ A Researcher’s Guide to Some Legal Risks of Security Research.” Our Guide gives the most comprehensive presentation to date of this landscape of legal risks, with an eye to both legal and technical nuance. MORE
Risk management software can provide risk monitoring, identification, analysis, assessment and mitigation, all in one solution. There are many factors that go into choosing the best risk management software for your specific organization’s business needs. MORE
As healthcare organizations navigate the COVID-19 crisis, they should take critical steps to improve their security posture and third-party security risk governance, says consultant Brenda Ferraro, the former CISO at Meritain Health, an Aetna subsidiary MORE
In this episode of the podcast (#213): Molly Jahn of DARPA and University of Wisconsin joins us to talk about the growing cyber risk to the Food and Agriculture sector, as industry consolidation and precision agriculture combine to increase the chances of cyber disruption of food production. MORE
How can they best understand and mitigate their risks? Kelly White of RiskRecon on How to Track What's Being Missed In the expanded, virtual enterprise, security leaders face the challenge of defending an ever more complicated attack surface. Kelly White of RiskRecon shares insights MORE
Stuart McKenzie of FireEye on the Importance of Testing Defenses Ransomware attacks now routinely feature multifaceted extortion efforts, and defenses need to evolve, says Stuart McKenzie of FireEye, who offers an analysis of the findings of the FireEye M-Trends 2021 report MORE
He understands supply chain risk, and he sees the SolarWinds hack as "resumption of a very old attack - in new packaging." He offers insights on mitigating this and other cybersecurity risks MORE
ServiceNow's Vasant Balasubramanian on Digital Transformation Integrated risk management and compliance offerings are moving to the cloud in a significant way to keep pace with digital transformation, says Vasant Balasubramanian of ServiceNow MORE
Also featured: A ransomware risk management update; tips on disaster planning The latest edition of the ISMG Security Report discusses recent research on the cyberthreats in multicloud environments and how to mitigate them. MORE
Researchers Find Widespread Vulnerabilities in These Diagnostic Devices New research has uncovered widespread vulnerabilities in wireless dongles that plug into a vehicle's OBD-II port. MORE
Creator Jack Jones on the Uptake of His 'Factor Analysis of Information Risk' Model Driven by boards of directors' demand for better risk management practices and insight into the risks facing their organization, demand for frameworks and models to help has been skyrocketing, says Jack Jones, chairman of The FAIR Institute. MORE
Josh Magri of the Cyber Risk Institute Describes Enhancements to 'Cyber Profile' The Cyber Risk Institute this week is releasing a new version of its "Cyber Profile" risk assessment framework for the financial services industry that includes expanded information on third-party risk and cloud security. MORE
Study Describes How a Supply Chain Attack Might Work Could hackers inject malicious code that compromises the synthetic DNA supply chain and ultimately tricks bioengineers into inadvertently developing dangerous viruses or toxins? MORE
What privacy and security issues are raised by patients using smartphone apps to access health records? Attorney Helen Oscislawski and security expert Jarrett Kolthoff offer an analysis MORE
Meridian Credit Union's Saif Nawaz on Using New Technologies As synthetic ID fraud in the financial services sector continues to rise next year, organizations must use new technologies to mitigate the risks, says Saif Nawaz of Meridian Credit Union in Canada MORE
ENISA Releases Guidance on Reducing IoT Supply Chain Risk IoT devices are like sausages: They're full of components of varying quality, and it's invariably disturbing to think about their origins. MORE
Uncategorized artificial intelligence automation machine learning risk assessmentMicrosoft researchers just released an open-source automation tool for security testing AI systems: “ Counterfit.” ” Details on their blog. MORE
Report on Canceled VA Project Offers Governance Lessons for Others The Department of Veterans Affairs’ watchdog agency alleges that two VA employees “concealed” and “mispresented” the cybersecurity and privacy risks of an ambitious "big data" project that would have analyzed 22 million veterans’ health records dating back two decades. MORE
This is all a prelude to saying that I have been paying a lot of attention to the COVID-related risks of flying. I think that most of the risk is pre-flight, in the airport: crowds at the security checkpoints, gates, and so on. airtravel covid19 riskassessment risksI fly a lot. MORE
Jeffrey Edwards of Progress Software on Ensuring Privacy File transfers are a significant factor in accidental insider risk. Jeffrey Edwards of Progress Software explains how secure file transfers can help ensure privacy and play a role in regulatory compliance MORE
Agency Says Exploits Pose 'Unacceptable Risk' The U.S. MORE
Researcher: If Exploited, an Attacker at Close Range Could Inject Malicious Code A Belgian security researcher says he uncovered vulnerabilities that affect all modern Wi-Fi security protocols and impact most wirelessly connected devices, including smartphones, routers and IoT devices. MORE
Biden Administration Effort Comes During Shortage of Semiconductors In light of the global shortage of semiconductors, President Joe Biden signed an executive order Wednesday requiring a federal review of supply chain risks for these chips. MORE
Good essay on the security risks -- to democratic discourse -- of chatbots. lies nationalsecuritypolicy propaganda risks MORE
Automakers Should Employ Security-By-Design to Thwart Cyber Risks Autonomous vehicle manufacturers are advised to adopt security-by-design models to mitigate cybersecurity risks, as artificial intelligence is susceptible to evasion and poisoning attacks, says a new ENISA report MORE
CEOs and CISOs on Assessing and Mitigating the New Risk Landscape It might be new, but are we ready to call this "normal?" MORE
Risk Related Topics 
Data Breach Today
MAY 6, 2021
applications to siphon data and access sensitive information from cloud platforms, and mitigating the risks is proving challenging, according to the security firm Proofpoint Proofpoint Sizes Up the Cloud Security Battle Attackers are increasingly using malicious OAuth 2.0
Schneier on Security
MAY 11, 2021
Uncategorized artificial intelligence automation machine learning risk assessmentMicrosoft researchers just released an open-source automation tool for security testing AI systems: “ Counterfit.” ” Details on their blog.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Schneier on Security
OCTOBER 5, 2020
A Study on Usability and Security Perceptions of Risk-based Authentication “: Abstract : Risk-based Authentication (RBA) is an adaptive security measure to strengthen password-based authentication. I’ve blogged about risk-based authentication before.
eSecurity Planet
APRIL 2, 2021
Risk management software can provide risk monitoring, identification, analysis, assessment and mitigation, all in one solution. There are many factors that go into choosing the best risk management software for your specific organization’s business needs.
Advertiser: UserTesting
Agile has become the go-to methodology for companies that want to reduce the risk involved in shipping new products. But how do you prevent building items nobody wants? If you wait to get user feedback until after development, then you’ve waited too long.
Data Breach Today
APRIL 21, 2021
Stuart McKenzie of FireEye on the Importance of Testing Defenses Ransomware attacks now routinely feature multifaceted extortion efforts, and defenses need to evolve, says Stuart McKenzie of FireEye, who offers an analysis of the findings of the FireEye M-Trends 2021 report
Schneier on Security
JUNE 24, 2020
This is all a prelude to saying that I have been paying a lot of attention to the COVID-related risks of flying. I think that most of the risk is pre-flight, in the airport: crowds at the security checkpoints, gates, and so on. airtravel covid19 riskassessment risksI fly a lot.
Data Breach Today
SEPTEMBER 22, 2020
CEOs and CISOs on Assessing and Mitigating the New Risk Landscape It might be new, but are we ready to call this "normal?"
Data Breach Today
FEBRUARY 20, 2021
Automakers Should Employ Security-By-Design to Thwart Cyber Risks Autonomous vehicle manufacturers are advised to adopt security-by-design models to mitigate cybersecurity risks, as artificial intelligence is susceptible to evasion and poisoning attacks, says a new ENISA report
Data Breach Today
AUGUST 19, 2020
The growing use of biometric technology is raising concerns about privacy as well as identity theft and fraud, says attorney Paul Hales, who reviews recent legal and legislative developments
Advertiser: UserTesting
Up to 80% of new products fail. The reality is harsh and the reasons why are endless. Perhaps the new product couldn’t oust a customer favorite. Maybe it looked great but was too hard to use. Or, despite being a superior product, the go-to-market strategy failed. There’s always a risk when building a new product, but you can hedge your bets by understanding exactly what your customers' expectations truly are at every step of the development process.
|
Data Breach Today
JULY 24, 2020
As ransomware and other cyberattacks on healthcare organizations surge, the potential risks to medical devices are growing, says Kelly Rozumalski, director of secure connected health initiatives at the consulting firm Booz Allen Hamilton, who discusses risk mitigation efforts
Data Breach Today
NOVEMBER 19, 2020
Meridian Credit Union's Saif Nawaz on Using New Technologies As synthetic ID fraud in the financial services sector continues to rise next year, organizations must use new technologies to mitigate the risks, says Saif Nawaz of Meridian Credit Union in Canada
Data Breach Today
MAY 14, 2021
Researcher: If Exploited, an Attacker at Close Range Could Inject Malicious Code A Belgian security researcher says he uncovered vulnerabilities that affect all modern Wi-Fi security protocols and impact most wirelessly connected devices, including smartphones, routers and IoT devices.
Data Breach Today
NOVEMBER 16, 2020
ENISA Releases Guidance on Reducing IoT Supply Chain Risk IoT devices are like sausages: They're full of components of varying quality, and it's invariably disturbing to think about their origins.
Advertisement
This paper will discuss why organizations frequently end up with multiple data copies and how a secure "no-copy" data strategy enabled by the Dremio data lake service can help reduce complexity, boost efficiency, and dramatically reduce costs.
Schneier on Security
OCTOBER 30, 2020
Sunoo Park and Kendra Albert have published “ A Researcher’s Guide to Some Legal Risks of Security Research.” Our Guide gives the most comprehensive presentation to date of this landscape of legal risks, with an eye to both legal and technical nuance.
The Security Ledger
MAY 4, 2021
In this episode of the podcast (#213): Molly Jahn of DARPA and University of Wisconsin joins us to talk about the growing cyber risk to the Food and Agriculture sector, as industry consolidation and precision agriculture combine to increase the chances of cyber disruption of food production.
Data Breach Today
OCTOBER 12, 2020
A Fraud Manager Describes the Roles of Artificial Intelligence, Machine Learning Artificial intelligence and machine learning offer the best hope for addressing the risks posed by synthetic identities, says Justin Davis, fraud manager at Digital Federal Credit Union
Data Breach Today
AUGUST 27, 2019
Mark Sangster of eSentire Shares Lessons Learned Third-party vendor risk continues to pose a security challenge to organizations. Despite many having formal policies for managing third-party risk, almost half of organizations say they've suffered a data breach that traces to a third-party vendor, says Mark Sangster of eSentire
Speaker: Anita Lauper Wood, Product Strategist
Successful implementation of predictive analytics can feel unpredictable. There are risks that need to be consciously addressed, and successful implementation requires the right strategy. Join Anita Lauper Wood, Product Strategist, for a valuable session for product and technology leaders.
Data Breach Today
MARCH 19, 2020
ServiceNow's Vasant Balasubramanian on Digital Transformation Integrated risk management and compliance offerings are moving to the cloud in a significant way to keep pace with digital transformation, says Vasant Balasubramanian of ServiceNow
Data Breach Today
FEBRUARY 11, 2021
He understands supply chain risk, and he sees the SolarWinds hack as "resumption of a very old attack - in new packaging." He offers insights on mitigating this and other cybersecurity risks
Data Breach Today
SEPTEMBER 4, 2020
What privacy and security issues are raised by patients using smartphone apps to access health records? Attorney Helen Oscislawski and security expert Jarrett Kolthoff offer an analysis
Speaker: Shlomo Bielak, CTO, Benchmark Corp
Shifting security left to the earliest part of development is currently in the spotlight in the developer world. What teams are now discovering is, this approach results in misdirected ownership for developers and a frustrated security team. In the current climate, we cannot afford to let security implementations falter. It's time to manage your team's energies to maximize DevOps efficiency, all the while maintaining top security standards. Join Shlomo Bielak, and learn how to keep your DevSecOps team focused and connected without creating silos.
Data Breach Today
JANUARY 29, 2021
Report on Canceled VA Project Offers Governance Lessons for Others The Department of Veterans Affairs’ watchdog agency alleges that two VA employees “concealed” and “mispresented” the cybersecurity and privacy risks of an ambitious "big data" project that would have analyzed 22 million veterans’ health records dating back two decades.
Data Breach Today
FEBRUARY 25, 2021
Biden Administration Effort Comes During Shortage of Semiconductors In light of the global shortage of semiconductors, President Joe Biden signed an executive order Wednesday requiring a federal review of supply chain risks for these chips.
Data Breach Today
NOVEMBER 30, 2020
Study Describes How a Supply Chain Attack Might Work Could hackers inject malicious code that compromises the synthetic DNA supply chain and ultimately tricks bioengineers into inadvertently developing dangerous viruses or toxins?
Data Breach Today
OCTOBER 8, 2019
Jeffrey Edwards of Progress Software on Ensuring Privacy File transfers are a significant factor in accidental insider risk. Jeffrey Edwards of Progress Software explains how secure file transfers can help ensure privacy and play a role in regulatory compliance
Speaker: Chris McLaughlin, Chief Marketing Officer and Chief Product Officer, Nuxeo
After 20 years of Enterprise Content Management (ECM), businesses still face many of the same challenges with finding and managing information. Join Chris McLaughlin, CMO and CPO of Nuxeo, as he examines four common business challenges that these legacy ECM systems pose and how they can be addressed with a more modern approach.
Data Breach Today
APRIL 16, 2020
As healthcare organizations navigate the COVID-19 crisis, they should take critical steps to improve their security posture and third-party security risk governance, says consultant Brenda Ferraro, the former CISO at Meritain Health, an Aetna subsidiary
Data Breach Today
MARCH 19, 2020
Creator Jack Jones on the Uptake of His 'Factor Analysis of Information Risk' Model Driven by boards of directors' demand for better risk management practices and insight into the risks facing their organization, demand for frameworks and models to help has been skyrocketing, says Jack Jones, chairman of The FAIR Institute.
Data Breach Today
FEBRUARY 17, 2021
California Medical Imaging Group Describes Data Exposure A California medical imaging group practice says vulnerabilities in its picture archiving and communications system left patient data at risk of unauthorized access for more than a year
Schneier on Security
DECEMBER 5, 2018
Good essay on the security risks -- to democratic discourse -- of chatbots. lies nationalsecuritypolicy propaganda risks
Data Breach Today
JUNE 19, 2020
Also featured: A ransomware risk management update; tips on disaster planning The latest edition of the ISMG Security Report discusses recent research on the cyberthreats in multicloud environments and how to mitigate them.
Data Breach Today
MARCH 19, 2019
How can they best understand and mitigate their risks? Kelly White of RiskRecon on How to Track What's Being Missed In the expanded, virtual enterprise, security leaders face the challenge of defending an ever more complicated attack surface. Kelly White of RiskRecon shares insights
Schneier on Security
JUNE 19, 2019
Stuart Schechter writes about the security risks of using a password manager. My particular choices about security and risk is to only store passwords on my computer -- not on my phone -- and not to put anything in the cloud. In my way of thinking, that reduces the risks of a password manager considerably. passwordsafe passwords riskassessment risks
Data Breach Today
NOVEMBER 10, 2020
Josh Magri of the Cyber Risk Institute Describes Enhancements to 'Cyber Profile' The Cyber Risk Institute this week is releasing a new version of its "Cyber Profile" risk assessment framework for the financial services industry that includes expanded information on third-party risk and cloud security.
Data Breach Today
AUGUST 12, 2020
Researchers Find Widespread Vulnerabilities in These Diagnostic Devices New research has uncovered widespread vulnerabilities in wireless dongles that plug into a vehicle's OBD-II port.
172 
Let's personalize your content