Security Risks of Chatbots

Schneier on Security

Good essay on the security risks -- to democratic discourse -- of chatbots. lies nationalsecuritypolicy propaganda risks

Risk 93

Managing Open Source Risks

Data Breach Today

But with increased speed comes greater risks, says Chris Eng of CA Veracode, who offers insights on mitigating those risks Chris Eng of CA Veracode on Best Practices Open source and third-party components help developers build and deploy applications faster.

Risk 156

Maximize Cybersecurity Risk Ratings in 2019

Data Breach Today

Insights from the Forrester New Wave: Cybersecurity Risk Rating Solutions, Q4 2018. If you are a security or risk leader, you know that even with a formal third-party risk program in place, you are not effectively keeping track of all of your third parties

Risk 156

Who Faces Biggest Financial Risks From Cyberattacks?

Data Breach Today

Risk 192

Improving Vendor Risk Management

Data Breach Today

NYKA Advisory Services' Sunil Chandiramani Offers Insights for Financial Institutions Providing vendors with visibility to a company's systems makes the vendor management process far more complicated, says Sunil Chandiramani of NYKA Advisory Services

Risk 150

Solving 3rd Party Cybersecurity Risk

Data Breach Today

Your organization's risk surface may be larger than you think. Your organization's risk surface is larger than you think. How can you get a handle on what risks exist, where they reside, and which ones are most important to resolve immediately

Risk 133

Major Flaw in Runc Poses Mass Container Takeover Risk

Data Breach Today

The flaw in the "runc" container-spawning tool could allow attackers to craft a malicious container able to "break out" and gain root control of a host system, potentially putting thousands of other containers at risk

Risk 214

Business Email Compromise: Mitigating the Risk

Data Breach Today

David Appelbaum of Valimail on Addressing Vulnerabilities Email remains a key vector for inbound attacks. David Appelbaum of Valimail explains how the threat can be remediated

Risk 167

HHS Updates Security Risk Assessment Tool

Data Breach Today

But Why Is Conducting a Risk Analysis So Challenging for So Many Organizations? But why is conducting a risk assessment so challenging for so many

Tools 167

Medical Device Cyber Risk: An Enterprise Problem

Data Breach Today

Medical device cybersecurity risks should be viewed as an enterprise problem, say Tracey Hughes of Duke University Health Systems and Clyde Hewitt of security consultancy CynergisTek, who outline critical security steps

Risk 143

Future-Proofing for IoT Risks

Data Breach Today

Check Point's Robert Falzon on Preparing for the Changes to Come The internet of things promises to change how enterprises operate - as well as the cybersecurity risks they will face. Robert Falzon of Check Point Software Technologies outlines IoT risks and how to prepare to mitigate them

IoT 144

Open Source Components: Managing the Risks

Data Breach Today

Maria Loughlin of Veracode on Mitigation Strategies Open source components help developers build and deploy applications faster, but with increased speed comes greater risk.

Risk 153

Mitigating Emerging Risks

Data Breach Today

Chris Testa of Cybereason on Going Beyond Defense-in-Depth As businesses change their key strategies, they must ensure they mitigate new risks that emerge, says Chris Testa of Cybereason.

Risk 130

Report: UK Believes Risk of Using Huawei Is Manageable

Data Breach Today

Risk 178

How Risk Management Is Evolving

Data Breach Today

Jennifer Bayuk of Decision Framework Systems on Putting Principles Into Practice How is risk management evolving as a result of ubiquitous cybersecurity risks?

Risk 130

Blockchain in Healthcare: The Potential Benefits, Risks

Data Breach Today

He sizes up the potential risks and benefits Indiana University Health is evaluating the use of blockchain in two areas to improve healthcare information security, Mitch Parker, CISO, says in an interview at the HIMSS19 conference.

How to create a risk assessment matrix

IT Governance

To comply with ISO 27001 , the international standard for information security, you need to know how to perform a risk assessment. To complete this process, you need a risk assessment matrix. What is a risk assessment matrix? How to use the risk assessment matrix.

Risk 76

Smart Cities Challenge: Real-Time Risk Management

Data Breach Today

Risk 161

Browser Extensions: Are They Worth the Risk?

Krebs on Security

For its part, Google tries to communicate the potential risk of extensions using three “alert” levels: Low, medium and high, as detailed in the screenshot below. Doing otherwise is almost always a high-risk proposition. Popular file-sharing site

Risk 181

ISO 27001: Gap analysis vs. risk assessment

IT Governance

Gap analyses and risk assessments are two of the most important processes organisations must complete when implementing ISO 27001 or reviewing their compliance status. What is a risk assessment? The process begins by creating a long list of risks, which will be given a risk score.

Avoiding Critical Security Risk Analysis Mistakes

Data Breach Today

Privacy attorney Adam Greene provides tips for avoiding mistakes when conducting a HIPAA security risk analysis and spells out the essential steps to take

GDPR Compliance: The Role of Vendor Risk Management

Data Breach Today

Attorney Steven Teppler on Holding Vendors Accountable Why is ramping up vendor risk management such a critical component of compliance with the EU's General Data Protection Regulation?

Cyber Exposure: How to Discover, Measure and Reduce Your Risk

Data Breach Today

But Diwakar Dayal of Tenable proposes ways to measure a cybersecurity posture, benchmark it against peers and use the metrics to create a report card and reduce cyber risk

Risk 175

Assessing IoT Risks in Healthcare Environments

Data Breach Today

Healthcare organizations should steer clear of connecting internet of things devices to their networks unless they serve a precise medical purpose, says attorney Julia Hesse, a featured speaker at the HIMSS19 Conference

IoT 128

Risk assessments – software Vs spreadsheets

IT Governance

Risk assessments are at the core of many standards, including ISO 27001 , the international standard that describes best practice for an information security management system (ISMS). Difficult to use and identify risks or assets. What is risk assessment software? .

Risk 59

The Link Between Volatility and Risk

Data Breach Today

Qadium's Matt Kraning on Lessons Learned From Review of Top Financial Networks Financial service organizations have networks that are larger and more dynamic than ever - and so are their network security risks.

Risk 141

Simplifying Vendor Security Risk Management

Data Breach Today

Why did CISOs at a half-dozen leading healthcare organizations launch a new council aimed at standardizing vendor security risk management? One of those CISOs, John Houston of UPMC, explains why the group was launched, how it will work and why managing cloud vendor risks is a top priority

Risk 100

Travel-Related Breaches: Mitigating the Risks

Data Breach Today

Billings Clinic Employee's Email Hacking Incident Highlights Need for Precautions The hacking of an email account of a medical clinic employee during travels overseas demonstrates the risks posed to data when workers travel. Security experts offer insights on mitigating those risks

Risk 138

Alerts: Some Cardiac Programmers Put PHI at Risk

Data Breach Today

DHS, Medtronic Issue Advisories About Risks Posed by Lack of Encryption Federal regulators and medical device maker Medtronic have issued alerts about the lack of encryption on certain cardiac programming devices that could potentially allow inappropriate access to patient information

IoT Devices: Reducing the Risks

Data Breach Today

Attorney Steven Teppler, who recently wrote a report that addresses risks related to the internet of things, offers insights on risk management steps organizations in all sectors must take as IoT devices proliferate in the enterprise

IoT 108

Gaining Visibility Into Supply Chain Risk

Data Breach Today

CrowdStrike's Mike Sentonas Shares Insights From Latest Research Even though many organizations believe that supply chain cyber risk is a serious problem, very few organizations are vetting their suppliers, says CrowdStrike's Michael Sentonas

Risk 130

Moody’s to Include Cyber Risk in Credit Ratings

Adam Levin

The American business and financial services company Moody’s will start factoring risk of getting hacked into their credit ratings for companies. The move is seen as part of a wider initiative to gauge the risk of cyberattacks and data breaches to companies and their investors. “We’ve We’ve been in the risk management business for a very long time. The post Moody’s to Include Cyber Risk in Credit Ratings appeared first on Adam Levin.

Risk 81

Managing the Risks Posed by Automotive Smartphone Apps

Data Breach Today

Automotive smartphone apps that can be used to unlock or start a car pose new risks that must be managed, says Asaf Ashkenazi of Inside Secure, a mobile security firm, who provides risk mitigation insights

Risk 129

Software Vendor Breach Spotlights Broad BA Risks

Data Breach Today

Patients at 11 Organizations Affected by Hacker Attack A recent hacker attack targeting a revenue cycle management software and services vendor, which impacted more than 31,000 patients at 11 healthcare organizations, illustrates the potentially broad security risks posed by business associates

Risk 130

Weak Encryption Leaves Mobile Health App at Risk for Hacking

Data Breach Today

Simplify your risk assessments

IT Governance

A risk assessment enables you to identify, analyse and evaluate your organisation’s risk. Risk assessments are central to many standards, including ISO 27001, the international standard that describes best practice for an information security management system (ISMS).

Risk 54

The Need for Real-Time Risk Management

Data Breach Today

As companies go through a digital transformation, they need to move toward real-time risk management - and artificial intelligence can play a critical role, says David Walter, vice president of RSA Archer

Vendor Risk Management: Conquering the Challenges

Data Breach Today

Organizations must carefully monitor that their business associates are adequately addressing data security to help guard against breaches, says Mark Eggleston, CISO at Health Partners Plans, who will speak on vendor risk management at ISMG's Healthcare Security Summit, to be held Nov.

Risk 115

GRC Evolves Into Integrated Risk Management

Data Breach Today

Rsam's Vivek Shivananda on How the New Approach Solves a Classic Problem As corporate information silos fall, traditional approaches to governance, risk and compliance are giving way to the new category of integrated risk management solutions.

Risk 130

What is an ISO 27001 risk assessment methodology?

IT Governance

The ISO 27001 implementation and review processes revolve around risk assessments. The process begins by defining a methodology, i.e. a set of rules defining how to calculate risks. What does a risk assessment methodology do? ISO 27001 Risk Management risk assessment

Risk 61