Taking a Risk-Based Approach to Cybersecurity

Data Breach Today

Many experts advise organizations to pivot from a maturity-based approach to a risk-based approach to cybersecurity. Tia Hopkins, field CTO and chief cyber risk strategist at eSentire, discusses where the maturity-based approach falls short and how a risk-based approach can help organization

Risk 200

Russia-Ukraine War: Cyberattack Escalation Risk Continues

Data Breach Today

Memo to CISOs: Risk of Attack Spillover - If Not Direct Attacks - Remains Notable As the Russia-Ukraine war continues, cybersecurity officials say the risk of attack spillover - and perhaps the direct targeting of critical infrastructure sectors outside Ukraine - remains high.

Risk 207

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Cyber Risk Quantification: The Quest for Transparency

Data Breach Today

BitSight's Stephen Boyer Says Regulations Are Driving Better Board-Level Awareness How can companies make their cybersecurity posture more transparent to stakeholders? That's a question being asked by both boards of directors and potential investors, says Stephen Boyer, founder and CTO of BitSight.

Risk 194

What is Cybersecurity Risk Management?

eSecurity Planet

Risk management is a concept that has been around as long as companies have had assets to protect. This article looks at cybersecurity risk management, how to establish a risk management system, and best practices for building resilience. What is Cybersecurity Risk Management?

Risk 95

Cyber Security, Change Management and Enterprise Risk Management: Scaling Operations for Growth

Speaker: William Hord, Vice President of Risk Management and Compliance

Join us as we discuss the various tangents of data and the change management process that will help you make better risk-based business decisions to save time and money for your organization.

Proof of Concept: The Corporate Risk of Using Social Media

Data Breach Today

current ransomware and scam trends, and handling the potential corporate risk of sharing information on social media

Risk 177

Insights on Mitigating Ransomware Risks

Data Breach Today

Janine Darling, the founder and CEO of STASH Global, discusses the pervasive and persistent problem of ransomware and how to mitigate the risks

Risk 227

Threat Watch: Russia-Ukraine War Remains Top CISO Risk

Data Breach Today

DXC Technology's Michael Baker on Top Threats, Recruitment Tips, Career Advice Threat watch: The ongoing Russia-Ukraine war continues to pose both direct and indirect risks to enterprise networks, says Michael Baker, vice president and IT CISO of IT services and consulting firm DXC Technology.

Risk 196

Critical Steps for Enhancing 3rd-Party Risk Management

Data Breach Today

Recent security incidents involving third-party software, including Okta and Log4j, underscore the importance of healthcare entities taking steps to enhance their vendor risk management programs, says Chris Frenz, assistant vice president of IT security at Mount Sinai South Nassau

Risk 191

The Fifth Option in Risk Treatment

Data Breach Today

Book Excerpt: Peter Gregory on Ignoring the Risk In an excerpt from his book "CRISC Certified in Risk and Information Systems Control All-In-One Exam Guide," Peter Gregory discusses choosing the fifth option in risk management, which is ignoring the risk.

Risk 177

Testing at Every Stage of Development

Up to 80% of new products fail. The reality is harsh and the reasons why are endless. Perhaps the new product couldn’t oust a customer favorite. Maybe it looked great but was too hard to use. Or, despite being a superior product, the go-to-market strategy failed. There’s always a risk when building a new product, but you can hedge your bets by understanding exactly what your customers' expectations truly are at every step of the development process.

How Ransomware Has Changed the Nature of Risk

Data Breach Today

Kelly White of RiskRecon on Assessing Suppliers' Cyber Hygiene Ransomware has changed the risk landscape for suppliers and is forcing companies to reconsider their risk relationships, says Kelly White, co-founder and CEO of RiskRecon.

Risk 132

Quantum Computing: Assessing the Risks

Data Breach Today

William Dixon of World Economic Forum on Improving Infrastructure To unlock the value of quantum computing, two systemic risks - tech governance and cybersecurity - need to be overcome, says William Dixon of the World Economic Forum

Risk 210

Cybersecurity Leadership: Risk Exposure Awareness

Data Breach Today

CEOs and CISOs on Assessing and Mitigating the New Risk Landscape It might be new, but are we ready to call this "normal?"

Risk 236

Why Third Parties Are an Organization's Biggest Risk Point

Data Breach Today

The Risk — And the Threat — Is Real Hackers are exploiting third-party remote access. If you’re not taking third-party risk seriously, it’s just a matter of time until your company is the next headline

Risk 205

Add User Tests to Your Agile Process: Reduce Risk in Shipping New Products

Agile has become the go-to methodology for companies that want to reduce the risk involved in shipping new products. But how do you prevent building items nobody wants? If you wait to get user feedback until after development, then you’ve waited too long.

RSA Spins Off Fraud and Risk Business

Data Breach Today

New Stand-Alone Firm Is Tasked With Combatting Digital Commerce Fraud RSA Security LLC has spun off its fraud and risk intelligence business into a stand-alone company named Outseer.

Risk 275

Medical Devices: Tackling 3rd-Party Component, Software Risk

Data Breach Today

The integration of third-party components and software is an increasingly critical area of security risk that needs more attention from medical device manufacturers, says Anura Fernando, global head of medical device security at safety certification and consulting firm UL

Risk 171

On Risk-Based Authentication

Schneier on Security

A Study on Usability and Security Perceptions of Risk-based Authentication “: Abstract : Risk-based Authentication (RBA) is an adaptive security measure to strengthen password-based authentication. I’ve blogged about risk-based authentication before.

US Bank Regulator Weighs Stablecoin Risks and Benefits

Data Breach Today

stablecoin, but there are also high risks associated with it. Some security experts question whether the technology has advanced enough and consider stablecoin risks

Risk 204

Are You Ready For Predictive Analytics?

Speaker: Anita Lauper Wood, Product Strategist

Successful implementation of predictive analytics can feel unpredictable. There are risks that need to be consciously addressed, and successful implementation requires the right strategy. Join Anita Lauper Wood, Product Strategist, for a valuable session for product and technology leaders.

EU Parliament, Council Agree on Cybersecurity Risk Framework

Data Breach Today

NIS2 Directive Aims to Counter Increasing Cyberthreats to Europe The European Parliament and the Council of the European Union on Friday reached a provisional agreement to set a "baseline for cybersecurity risk management measures and reporting obligations."

Risk 196

Report: Zero-Day Flaws Pose Attack Risks to Hospital Robots

Data Breach Today

Some experts say the situation is a reminder of commonly overlooked IoT device risks

Risk 217

OT-IT Integration Raises Risk for Water Providers, Experts Say

Data Breach Today

This comes as water providers see a big increase in the risk they face by connecting their legacy machines to the internet

Risk 204

Does Abandoning Embassy in Kabul Pose Cybersecurity Risks?

Data Breach Today

abandoning its embassy and other facilities in Afghanistan poses cyber risks, thanks to the emergency planning that was already in place, some security experts say Security Experts Size Up Impact of US Rush to Leave Afghanistan It's unlikely that the U.S.

Risk 281

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

In this webinar, Ronald Eddings, Cybersecurity Expert, will outline the relationship between SaaS apps and IT & security teams, along with several actionable solutions to overcome the new difficulties facing your organization.

AI Security Risk Assessment Tool

Schneier on Security

Uncategorized artificial intelligence automation machine learning risk assessmentMicrosoft researchers just released an open-source automation tool for security testing AI systems: “ Counterfit.” ” Details on their blog.

Risk 107

Flaws in John Deere Systems Show Agriculture's Cyber Risk

Data Breach Today

John Deere, Researchers Spar Over Impact of Vulnerabilities Flaws uncovered in tractor manufacturer John Deere's systems underscore the cyber risks that come in tandem with the productivity gains from high-tech farming.

GUEST ESSAY: New SEC rules aim to help C-levels, board members quantify cyber risks

The Last Watchdog

Securities and Exchange Commission (SEC) is taking steps to crack down on insufficient cyber risk reporting. Related : Making third-party risk audits actionable. Seeking to minimize cybersecurity threat effects, the SEC has proposed several amendments requiring organizations to report on cyber risk in a “fast, comparable, and decision-useful manner.”. The new rules urge companies to build more robust cyber risk management programs. The U.S.

Risk 127

What About Password Manager Risks?


In KnowBe4’s new Password Policy ebook, What Your Password Policy Should Be , we recommend that all users use a password manager to create and use perfectly random passwords. A perfectly random 12-character or longer password is impervious to all known password guessing and cracking attacks.

Shift Left Security? Development Does Not Want to Own It.

Speaker: Shlomo Bielak, CTO, Benchmark Corp

Shifting security left to the earliest part of development is currently in the spotlight in the developer world. What teams are now discovering is, this approach results in misdirected ownership for developers and a frustrated security team. In the current climate, we cannot afford to let security implementations falter. It's time to manage your team's energies to maximize DevOps efficiency, all the while maintaining top security standards. Join Shlomo Bielak, and learn how to keep your DevSecOps team focused and connected without creating silos.

Biometric Technology: Assessing the Risks

Data Breach Today

The growing use of biometric technology is raising concerns about privacy as well as identity theft and fraud, says attorney Paul Hales, who reviews recent legal and legislative developments

Risk 235

Best Risk Management Software for 2021

eSecurity Planet

Enterprise risk management software can provide risk monitoring, identification, analysis, assessment, and mitigation, all in one solution. . Jump to: Top Risk Management Software Vendors What is Risk Management? Top Risk Management Software Vendors.

Risk 71

COVID-19 Risks of Flying

Schneier on Security

This is all a prelude to saying that I have been paying a lot of attention to the COVID-related risks of flying. I think that most of the risk is pre-flight, in the airport: crowds at the security checkpoints, gates, and so on. airtravel covid19 riskassessment risksI fly a lot.

Risk 113

Using Russian Security Software? UK Says Risks Have Changed

Data Breach Today

War Alters Resiliency Requirements, Britain's National Cyber Security Center Warns The Russia-Ukraine war has altered the risks facing organizations that use Russian technology or services, including the increased threat of being directly targeted, as well as disruptions caused by any new sanctions, warns Britain's National Cyber Security Center.

Risk 190

How to Solve 4 Common Challenges of Legacy Information Management

Speaker: Chris McLaughlin, Chief Marketing Officer and Chief Product Officer, Nuxeo

After 20 years of Enterprise Content Management (ECM), businesses still face many of the same challenges with finding and managing information. Join Chris McLaughlin, CMO and CPO of Nuxeo, as he examines four common business challenges that these legacy ECM systems pose and how they can be addressed with a more modern approach.

IoT Supply Chains: Where Risks Abound

Data Breach Today

ENISA Releases Guidance on Reducing IoT Supply Chain Risk IoT devices are like sausages: They're full of components of varying quality, and it's invariably disturbing to think about their origins.

IoT 215

ENISA Highlights AI Security Risks for Autonomous Cars

Data Breach Today

Automakers Should Employ Security-By-Design to Thwart Cyber Risks Autonomous vehicle manufacturers are advised to adopt security-by-design models to mitigate cybersecurity risks, as artificial intelligence is susceptible to evasion and poisoning attacks, says a new ENISA report

Top 5 Cyber Security Risks for Businesses

IT Governance

In an increasingly digital world, there are an escalating number of cyber security risks for business to address. In this blog, we look at the top five cyber security risks that businesses face, and explain how you can prevent them.

Mitigating the Risks Posed by Synthetic IDs

Data Breach Today

A Fraud Manager Describes the Roles of Artificial Intelligence, Machine Learning Artificial intelligence and machine learning offer the best hope for addressing the risks posed by synthetic identities, says Justin Davis, fraud manager at Digital Federal Credit Union

The Unexpected Cost of Data Copies

This paper will discuss why organizations frequently end up with multiple data copies and how a secure "no-copy" data strategy enabled by the Dremio data lake service can help reduce complexity, boost efficiency, and dramatically reduce costs.