Security Risks of Chatbots

Schneier on Security

Good essay on the security risks -- to democratic discourse -- of chatbots. lies nationalsecuritypolicy propaganda risks

Risk 90

Managing Open Source Risks

Data Breach Today

But with increased speed comes greater risks, says Chris Eng of CA Veracode, who offers insights on mitigating those risks Chris Eng of CA Veracode on Best Practices Open source and third-party components help developers build and deploy applications faster.

Risk 166

Improving Vendor Risk Management

Data Breach Today

NYKA Advisory Services' Sunil Chandiramani Offers Insights for Financial Institutions Providing vendors with visibility to a company's systems makes the vendor management process far more complicated, says Sunil Chandiramani of NYKA Advisory Services

Risk 160

Solving 3rd Party Cybersecurity Risk

Data Breach Today

Your organization's risk surface may be larger than you think. Your organization's risk surface is larger than you think. How can you get a handle on what risks exist, where they reside, and which ones are most important to resolve immediately

Risk 145

Open Source Components: Managing the Risks

Data Breach Today

Maria Loughlin of Veracode on Mitigation Strategies Open source components help developers build and deploy applications faster, but with increased speed comes greater risk.

Risk 164

HHS Updates Security Risk Assessment Tool

Data Breach Today

But Why Is Conducting a Risk Analysis So Challenging for So Many Organizations? But why is conducting a risk assessment so challenging for so many

Tools 181

Future-Proofing for IoT Risks

Data Breach Today

Check Point's Robert Falzon on Preparing for the Changes to Come The internet of things promises to change how enterprises operate - as well as the cybersecurity risks they will face. Robert Falzon of Check Point Software Technologies outlines IoT risks and how to prepare to mitigate them

IoT 152

Avoiding Critical Security Risk Analysis Mistakes

Data Breach Today

Privacy attorney Adam Greene provides tips for avoiding mistakes when conducting a HIPAA security risk analysis and spells out the essential steps to take

Mitigating Emerging Risks

Data Breach Today

Chris Testa of Cybereason on Going Beyond Defense-in-Depth As businesses change their key strategies, they must ensure they mitigate new risks that emerge, says Chris Testa of Cybereason.

Risk 130

Smart Cities Challenge: Real-Time Risk Management

Data Breach Today

Risk 173

How Risk Management Is Evolving

Data Breach Today

Jennifer Bayuk of Decision Framework Systems on Putting Principles Into Practice How is risk management evolving as a result of ubiquitous cybersecurity risks?

Risk 130

How to create a risk assessment matrix

IT Governance

To comply with ISO 27001 , the international standard for information security, you need to know how to perform a risk assessment. To complete this process, you need a risk assessment matrix. What is a risk assessment matrix? How to use the risk assessment matrix.

Risk 74

GDPR Compliance: The Role of Vendor Risk Management

Data Breach Today

Attorney Steven Teppler on Holding Vendors Accountable Why is ramping up vendor risk management such a critical component of compliance with the EU's General Data Protection Regulation?

ISO 27001: Gap analysis vs. risk assessment

IT Governance

Gap analyses and risk assessments are two of the most important processes organisations must complete when implementing ISO 27001 or reviewing their compliance status. What is a risk assessment? The process begins by creating a long list of risks, which will be given a risk score.

Cyber Exposure: How to Discover, Measure and Reduce Your Risk

Data Breach Today

But Diwakar Dayal of Tenable proposes ways to measure a cybersecurity posture, benchmark it against peers and use the metrics to create a report card and reduce cyber risk

Risk 187

Browser Extensions: Are They Worth the Risk?

Krebs on Security

For its part, Google tries to communicate the potential risk of extensions using three “alert” levels: Low, medium and high, as detailed in the screenshot below. Doing otherwise is almost always a high-risk proposition. Popular file-sharing site Mega.nz

Risk 172

Alerts: Some Cardiac Programmers Put PHI at Risk

Data Breach Today

DHS, Medtronic Issue Advisories About Risks Posed by Lack of Encryption Federal regulators and medical device maker Medtronic have issued alerts about the lack of encryption on certain cardiac programming devices that could potentially allow inappropriate access to patient information

The Link Between Volatility and Risk

Data Breach Today

Qadium's Matt Kraning on Lessons Learned From Review of Top Financial Networks Financial service organizations have networks that are larger and more dynamic than ever - and so are their network security risks.

Risk 148

Weak Encryption Leaves Mobile Health App at Risk for Hacking

Data Breach Today

Managing the Risks Posed by Automotive Smartphone Apps

Data Breach Today

Automotive smartphone apps that can be used to unlock or start a car pose new risks that must be managed, says Asaf Ashkenazi of Inside Secure, a mobile security firm, who provides risk mitigation insights

Risk 139

Travel-Related Breaches: Mitigating the Risks

Data Breach Today

Billings Clinic Employee's Email Hacking Incident Highlights Need for Precautions The hacking of an email account of a medical clinic employee during travels overseas demonstrates the risks posed to data when workers travel. Security experts offer insights on mitigating those risks

Risk 141

Simplifying Vendor Security Risk Management

Data Breach Today

Why did CISOs at a half-dozen leading healthcare organizations launch a new council aimed at standardizing vendor security risk management? One of those CISOs, John Houston of UPMC, explains why the group was launched, how it will work and why managing cloud vendor risks is a top priority

Risk 100

Risk assessments – software Vs spreadsheets

IT Governance

Risk assessments are at the core of many standards, including ISO 27001 , the international standard that describes best practice for an information security management system (ISMS). Difficult to use and identify risks or assets. What is risk assessment software? .

Risk 58

IoT Devices: Reducing the Risks

Data Breach Today

Attorney Steven Teppler, who recently wrote a report that addresses risks related to the internet of things, offers insights on risk management steps organizations in all sectors must take as IoT devices proliferate in the enterprise

IoT 112

Quantum Computing: Sizing Up the Risks to Security

Data Breach Today

Within the next five to 10 years, quantum computing will get so powerful that it could be used to break encryption on the fly, predicts Steve Marshall, CISO at U.K.-based based Bytes Software Services

Risk 144

Vendor Risk Management: Conquering the Challenges

Data Breach Today

Organizations must carefully monitor that their business associates are adequately addressing data security to help guard against breaches, says Mark Eggleston, CISO at Health Partners Plans, who will speak on vendor risk management at ISMG's Healthcare Security Summit, to be held Nov.

Risk 123

The Need for Real-Time Risk Management

Data Breach Today

As companies go through a digital transformation, they need to move toward real-time risk management - and artificial intelligence can play a critical role, says David Walter, vice president of RSA Archer

Treating digital risk at Banner Health

OpenText Information Management

To keep pace with rapidly evolving technologies, many organizations have digitized their business operations, but found themselves unprepared for the subsequent digital risk. Professional Services Security digital risk EnCase EnCase Endpoint Security security

Risk 56

Moody’s to Include Cyber Risk in Credit Ratings

Adam Levin

The American business and financial services company Moody’s will start factoring risk of getting hacked into their credit ratings for companies. The move is seen as part of a wider initiative to gauge the risk of cyberattacks and data breaches to companies and their investors. “We’ve We’ve been in the risk management business for a very long time. The post Moody’s to Include Cyber Risk in Credit Ratings appeared first on Adam Levin.

Risk 78

Gaining Visibility Into Supply Chain Risk

Data Breach Today

CrowdStrike's Mike Sentonas Shares Insights From Latest Research Even though many organizations believe that supply chain cyber risk is a serious problem, very few organizations are vetting their suppliers, says CrowdStrike's Michael Sentonas

Risk 130

Software Vendor Breach Spotlights Broad BA Risks

Data Breach Today

Patients at 11 Organizations Affected by Hacker Attack A recent hacker attack targeting a revenue cycle management software and services vendor, which impacted more than 31,000 patients at 11 healthcare organizations, illustrates the potentially broad security risks posed by business associates

Risk 130

What is an ISO 27001 risk assessment methodology?

IT Governance

The ISO 27001 implementation and review processes revolve around risk assessments. The process begins by defining a methodology, i.e. a set of rules defining how to calculate risks. What does a risk assessment methodology do? ISO 27001 Risk Management risk assessment

Risk 60

Simplify your risk assessments

IT Governance

A risk assessment enables you to identify, analyse and evaluate your organisation’s risk. Risk assessments are central to many standards, including ISO 27001, the international standard that describes best practice for an information security management system (ISMS).

Risk 53

7 Cyber Risks to Watch Out For in 2019

IG Guru

The post 7 Cyber Risks to Watch Out For in 2019 appeared first on IG GURU. IG News Information Governance information privacy Security Cybersecurity risksby Allen Jame 2018 was an eventful year that brought various security breaches, many of which made headlines.

Risk 52

GRC Evolves Into Integrated Risk Management

Data Breach Today

Rsam's Vivek Shivananda on How the New Approach Solves a Classic Problem As corporate information silos fall, traditional approaches to governance, risk and compliance are giving way to the new category of integrated risk management solutions.

Risk 130

Managing 'Shadow IT' Risks in Healthcare Settings

Data Breach Today

Risk 151

8 top vendors for integrated risk management software

Information Management Resources

IBM, Lockpath, MetricStream and SAI Global are among the top providers of integrated risk management tools, says research firm Gartner. Hardware and software Risk management Risk analysis

Risk 65

Risk Analysis Requirement Survives 'Meaningful Use' Revamp

Data Breach Today

But current program requirements for conducting a security risk analysis would stick CMS Proposes Major Overhaul of EHR Incentive Program, Emphasizing Interoperability Federal regulators are proposing an overhaul to the "meaningful use" electronic health record incentive program.

Cryptocurrency Infrastructure Flaws Pose Bitcoin Risks

Data Breach Today

Major Cybercrime Gangs Shift From Hacking Banks to Bitcoins Bitcoin's massive rise in value and hype continues to draw the attention of hackers, scammers and organized crime.

Risk 197

How to create an ISO 27001-compliant risk treatment plan

IT Governance

The risk treatment plan (RTP) is one of the mandatory reports that you will need to produce for your information security management system (ISMS). Key elements of the risk treatment plan. The date to apply the risk treatment. Help with creating your risk treatment plan template.

Risk 68