Quantify Risk, Calculate ROI

Dark Reading

SecurityScorecard's ROI Calculator helps organizations quantify cyber-risk to understand the financial impact of a cyberattack

Risk 81

Taking a Risk-Based Approach to Cybersecurity

Data Breach Today

Many experts advise organizations to pivot from a maturity-based approach to a risk-based approach to cybersecurity. Tia Hopkins, field CTO and chief cyber risk strategist at eSentire, discusses where the maturity-based approach falls short and how a risk-based approach can help organization

Risk 206
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Russia-Ukraine War: Cyberattack Escalation Risk Continues

Data Breach Today

Memo to CISOs: Risk of Attack Spillover - If Not Direct Attacks - Remains Notable As the Russia-Ukraine war continues, cybersecurity officials say the risk of attack spillover - and perhaps the direct targeting of critical infrastructure sectors outside Ukraine - remains high.

Risk 217

Insights on Mitigating Ransomware Risks

Data Breach Today

Janine Darling, the founder and CEO of STASH Global, discusses the pervasive and persistent problem of ransomware and how to mitigate the risks

Risk 234

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

Join us as we discuss the various tangents of data and the change management process that will help you make better risk-based business decisions to save time and money for your organization.

Assessing the Security Risks of Emerging Tech in Healthcare

Data Breach Today

Federal Authorities Urge Healthcare Sector Entities to Take Caution A host of emerging technologies - including artificial intelligence, 5G cellular, quantum computing, nanomedicine and smart hospitals - offer the potential to revolutionize healthcare, but organizations must carefully evaluate the security risks, federal authorities warn.

Reducing Risks by Optimizing Your Cybersecurity Workflow

Data Breach Today

CISOs have enough tools to identify security weaknesses, says Yoran Sirkis, but they need a way to make the information those tools gather more accessible and to streamline the remediation process. The CEO of Seemplicity discusses how its platform can help security leaders manage remediations

Risk 202

The Fifth Option in Risk Treatment

Data Breach Today

Book Excerpt: Peter Gregory on Ignoring the Risk In an excerpt from his book "CRISC Certified in Risk and Information Systems Control All-In-One Exam Guide," Peter Gregory discusses choosing the fifth option in risk management, which is ignoring the risk.

Risk 197

What is Cybersecurity Risk Management?

eSecurity Planet

Risk management is a concept that has been around as long as companies have had assets to protect. This article looks at cybersecurity risk management, how to establish a risk management system, and best practices for building resilience. What is Cybersecurity Risk Management?

Risk 93

Quantum Computing: Assessing the Risks

Data Breach Today

William Dixon of World Economic Forum on Improving Infrastructure To unlock the value of quantum computing, two systemic risks - tech governance and cybersecurity - need to be overcome, says William Dixon of the World Economic Forum

Risk 217

Are You Ready For Predictive Analytics?

Speaker: Anita Lauper Wood, Product Strategist

Successful implementation of predictive analytics can feel unpredictable. There are risks that need to be consciously addressed, and successful implementation requires the right strategy. Join Anita Lauper Wood, Product Strategist, for a valuable session for product and technology leaders.

Critical Steps for Enhancing 3rd-Party Risk Management

Data Breach Today

Recent security incidents involving third-party software, including Okta and Log4j, underscore the importance of healthcare entities taking steps to enhance their vendor risk management programs, says Chris Frenz, assistant vice president of IT security at Mount Sinai South Nassau

Risk 203

Cybersecurity Leadership: Risk Exposure Awareness

Data Breach Today

CEOs and CISOs on Assessing and Mitigating the New Risk Landscape It might be new, but are we ready to call this "normal?"

Risk 236

RSA Spins Off Fraud and Risk Business

Data Breach Today

New Stand-Alone Firm Is Tasked With Combatting Digital Commerce Fraud RSA Security LLC has spun off its fraud and risk intelligence business into a stand-alone company named Outseer.

Risk 279

The Complexity of Managing Medical Device Security Risk

Data Breach Today

The extremely diverse architectures and systems within the tens of thousands of very specialized types of medical devices used in clinical settings adds to the complexity healthcare organizations and manufacturers face in managing cybersecurity risk for these products, says Phil Englert of H-ISAC

Risk 206

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

In this webinar, Ronald Eddings, Cybersecurity Expert, will outline the relationship between SaaS apps and IT & security teams, along with several actionable solutions to overcome the new difficulties facing your organization.

Medical Devices: Tackling 3rd-Party Component, Software Risk

Data Breach Today

The integration of third-party components and software is an increasingly critical area of security risk that needs more attention from medical device manufacturers, says Anura Fernando, global head of medical device security at safety certification and consulting firm UL

Risk 194

How Ransomware Has Changed the Nature of Risk

Data Breach Today

Kelly White of RiskRecon on Assessing Suppliers' Cyber Hygiene Ransomware has changed the risk landscape for suppliers and is forcing companies to reconsider their risk relationships, says Kelly White, co-founder and CEO of RiskRecon.

Risk 205

On Risk-Based Authentication

Schneier on Security

A Study on Usability and Security Perceptions of Risk-based Authentication “: Abstract : Risk-based Authentication (RBA) is an adaptive security measure to strengthen password-based authentication. I’ve blogged about risk-based authentication before.

Threat Watch: Russia-Ukraine War Remains Top CISO Risk

Data Breach Today

DXC Technology's Michael Baker on Top Threats, Recruitment Tips, Career Advice Threat watch: The ongoing Russia-Ukraine war continues to pose both direct and indirect risks to enterprise networks, says Michael Baker, vice president and IT CISO of IT services and consulting firm DXC Technology.

Risk 226

Shift Left Security? Development Does Not Want to Own It.

Speaker: Shlomo Bielak, CTO, Benchmark Corp

Shifting security left to the earliest part of development is currently in the spotlight in the developer world. What teams are now discovering is, this approach results in misdirected ownership for developers and a frustrated security team. In the current climate, we cannot afford to let security implementations falter. It's time to manage your team's energies to maximize DevOps efficiency, all the while maintaining top security standards. Join Shlomo Bielak, and learn how to keep your DevSecOps team focused and connected without creating silos.

Cyber Risk Quantification: The Quest for Transparency

Data Breach Today

BitSight's Stephen Boyer Says Regulations Are Driving Better Board-Level Awareness How can companies make their cybersecurity posture more transparent to stakeholders? That's a question being asked by both boards of directors and potential investors, says Stephen Boyer, founder and CTO of BitSight.

Risk 207

Why Third Parties Are an Organization's Biggest Risk Point

Data Breach Today

The Risk — And the Threat — Is Real Hackers are exploiting third-party remote access. If you’re not taking third-party risk seriously, it’s just a matter of time until your company is the next headline

Risk 207

Assessing the Privacy, Security Risks of Digital Health IT

Data Breach Today

A new assessment framework aims to help patients, healthcare providers and others examine the various privacy, security and other risks of digital health technologies, says Tim Andrews of the nonprofit Organization for the Review of Care and Health Applications, which co-developed the framework

Risk 203

LA School District Forewarned of Malware, Attack Risks

Data Breach Today

Also: Vice Society Ransomware Gang Claims Credit for Attack The only surprising aspect of the ransomware attack against Los Angeles Unified School District is that it didn’t happen sooner. The district was warned of cybersecurity weaknesses in the 20 months leading to its ransomware attack.

Risk 207

How to Solve 4 Common Challenges of Legacy Information Management

Speaker: Chris McLaughlin, Chief Marketing Officer and Chief Product Officer, Nuxeo

After 20 years of Enterprise Content Management (ECM), businesses still face many of the same challenges with finding and managing information. Join Chris McLaughlin, CMO and CPO of Nuxeo, as he examines four common business challenges that these legacy ECM systems pose and how they can be addressed with a more modern approach.

Addressing Security Risks of Mounting Legacy Health Data

Data Breach Today

In many healthcare entities, the amount of data that is being generated and retained continues to grow - and that mounting trove of legacy data is often never disposed, expanding the surface for cyberattacks and other compromises, says Matthew Bernstein of consulting firm Bernstein Data

Risk 225

Proof of Concept: The Corporate Risk of Using Social Media

Data Breach Today

current ransomware and scam trends, and handling the potential corporate risk of sharing information on social media

Risk 207

Risk Disconnect in the Cloud

Dark Reading

New Cloud Security Alliance (CSA) and Google Cloud study shows many enterprises struggle to measure and manage risk in their cloud workloads

Risk 105

Hacks Spotlight PHI Risks For Ambulance Cos., Vendors

Data Breach Today

Two Breaches Affected a Total of Nearly 400,000 Patients Recent hacking incidents involving an emergency medical transport company and a firm that provides billing services to ambulance companies underscore how protected health information is subject to risk and oversight alike before a patient even steps into a hospital.

Risk 130

The Unexpected Cost of Data Copies

This paper will discuss why organizations frequently end up with multiple data copies and how a secure "no-copy" data strategy enabled by the Dremio data lake service can help reduce complexity, boost efficiency, and dramatically reduce costs.

US Bank Regulator Weighs Stablecoin Risks and Benefits

Data Breach Today

stablecoin, but there are also high risks associated with it. Some security experts question whether the technology has advanced enough and consider stablecoin risks

Risk 207

Public Water Systems at Cybersecurity Risk, Lawmakers Hear

Data Breach Today

Municipal Water Systems Installing Networked Control Systems Public water systems in the United States will continue connecting control systems to the internet despite the risks, members of the House Homeland Security Committee heard today.

Risk 130

Biometric Technology: Assessing the Risks

Data Breach Today

The growing use of biometric technology is raising concerns about privacy as well as identity theft and fraud, says attorney Paul Hales, who reviews recent legal and legislative developments

Risk 249

OSFI’s Technology and Cyber Risk Management Guideline: Part 1

Data Protection Report

It is noteworthy that as OSFI released the guidelines, it explained that one rationale for the Guideline was that the “risk environment has created an urgency for enhanced regulatory guidance for FRFIs […]”.

Risk 85

AI Security Risk Assessment Tool

Schneier on Security

Uncategorized artificial intelligence automation machine learning risk assessmentMicrosoft researchers just released an open-source automation tool for security testing AI systems: “ Counterfit.” ” Details on their blog.

Risk 108

IoT Supply Chains: Where Risks Abound

Data Breach Today

ENISA Releases Guidance on Reducing IoT Supply Chain Risk IoT devices are like sausages: They're full of components of varying quality, and it's invariably disturbing to think about their origins.

IoT 230

Report: Zero-Day Flaws Pose Attack Risks to Hospital Robots

Data Breach Today

Some experts say the situation is a reminder of commonly overlooked IoT device risks

Risk 219

Does Abandoning Embassy in Kabul Pose Cybersecurity Risks?

Data Breach Today

abandoning its embassy and other facilities in Afghanistan poses cyber risks, thanks to the emergency planning that was already in place, some security experts say Security Experts Size Up Impact of US Rush to Leave Afghanistan It's unlikely that the U.S.

Risk 281

EU Parliament, Council Agree on Cybersecurity Risk Framework

Data Breach Today

NIS2 Directive Aims to Counter Increasing Cyberthreats to Europe The European Parliament and the Council of the European Union on Friday reached a provisional agreement to set a "baseline for cybersecurity risk management measures and reporting obligations."

Risk 205