Risk - Information Management Today

Hackers Leak Private Keys; Many MSI Products at Risk

Data Breach Today

MAY 8, 2023

Leak Includes Intel Boot Guard and OEM Image Signing Keys for Over 200 Products The security of hundreds of MSI products is at risk due to hackers leaking private code signing keys stolen during a data breach last month.

Risk

Risk Data breaches Security

Mitigating OT Security Risks: Focusing on Solutions, not Products

Data Breach Today

MAY 25, 2023

Michelle Balderson of OTORIO on How OT Security Is Now Perceived as a Business Risk OT security is being discussed in the board room as attackers adopt the use of AI and automation.

Risk

Risk Security

Minimizing Privacy Risk From Web Tracking Technologies

Data Breach Today

MARCH 7, 2023

7 Tips to Reduce Risk to Patients, Beneficiaries and the Organization As healthcare becomes increasingly interconnected, web tracking is easy to overlook but could introduce additional risks to patient privacy.

Privacy

Privacy Risk

Webinars

The Power of Storytelling in Risk Management

ERM Program Fundamentals for Success in the Banking Industry

MORE WEBINARS

US Officials Urged to Examine Chinese Risk to Electric Grid

Data Breach Today

MARCH 23, 2023

Utility Vendors Have Cut Back on Buying Chinese Transformers Due to Security Risks Utility companies have increasingly refrained from purchasing large power transformers from China given greater awareness of the security risks.

Risk

Risk Cybersecurity Manufacturing Security

The Power of Storytelling in Risk Management

Speaker: Dr. Karen Hardy, CEO and Chief Risk Officer of Strategic Leadership Advisors LLC

Communication is a core component of a resilient organization's risk management framework. However, risk communication involves more than just reporting information and populating dashboards, and we may be limiting our skillset. Storytelling is the ability to express ideas and convey messages to others, including stakeholders.

Risk

Insider Threat: Organizations Must Focus on Risk

Data Breach Today

MAY 2, 2023

Software Engineering Institute's Randy Trzeciak on Hybrid Workforce, Insider Risk The definition of insider threat seems to have evolved since the hybrid workforce became the norm. Randall Trzeciak of Software Engineering Institute said that in the last three years, insider threats have changed to insider risks.

Risk

Best Practices for Answering Third-Party Risk Questions

Data Breach Today

APRIL 20, 2023

Security Leader Sawan Joshi on Updating and Tailoring Partner Risk Assessments Supply chain risk has become more critical in the postpandemic world, and that means you need to ask "much more focused, targeted questions" about your partners, according to Sawan Joshi, director of information security at Cervest, a climate intelligence startup.

Risk

Risk Information Security Security

AI Heightens Cyber Risk for Legacy Weapon Systems

Data Breach Today

APRIL 19, 2023

weapons arsenal developed without a zero trust architecture is at growing risk from cyberattacks, lawmakers heard today in a panel dedicated to how artificial intelligence can simultaneously help and hurt efforts to protect warfighters from digital attacks. Blind Faith' Architectures Pervade Military Arsenal The U.S.

Risk

Risk Artificial Intelligence Military

Threat Watch: Russia-Ukraine War Remains Top CISO Risk

Data Breach Today

JUNE 17, 2022

DXC Technology's Michael Baker on Top Threats, Recruitment Tips, Career Advice Threat watch: The ongoing Russia-Ukraine war continues to pose both direct and indirect risks to enterprise networks, says Michael Baker, vice president and IT CISO of IT services and consulting firm DXC Technology.

Risk

Risk IT

ERM Program Fundamentals for Success in the Banking Industry

Speaker: William Hord, Senior VP of Risk & Professional Services

Enterprise Risk Management (ERM) is critical for industry growth in today’s fast-paced and ever-changing risk landscape. Do we understand and articulate our bank’s risk appetite and how that impacts our business units? How are we measuring and rating our risk impact, likelihood, and controls to mitigate our risk?

Risk

Russia-Ukraine War: Cyberattack Escalation Risk Continues

Data Breach Today

MAY 13, 2022

Memo to CISOs: Risk of Attack Spillover - If Not Direct Attacks - Remains Notable As the Russia-Ukraine war continues, cybersecurity officials say the risk of attack spillover - and perhaps the direct targeting of critical infrastructure sectors outside Ukraine - remains high. The memo for CISOs is clear: Remain prepared.

Risk

Risk Cybersecurity

Taking a Risk-Based Approach to Cybersecurity

Data Breach Today

MAY 17, 2022

Many experts advise organizations to pivot from a maturity-based approach to a risk-based approach to cybersecurity. Tia Hopkins, field CTO and chief cyber risk strategist at eSentire, discusses where the maturity-based approach falls short and how a risk-based approach can help organizations.

Cybersecurity

Cybersecurity Risk

Security Risks of AI

Schneier on Security

APRIL 27, 2023

Stanford and Georgetown have a new report on the security risks of AI—particularly adversarial machine learning—based on a workshop they held on the topic. Many AI products are deployed without institutions fully understanding the security risks they pose.

Risk

Risk Security Cybersecurity Government

The Fifth Option in Risk Treatment

Data Breach Today

MARCH 15, 2022

Book Excerpt: Peter Gregory on Ignoring the Risk In an excerpt from his book "CRISC Certified in Risk and Information Systems Control All-In-One Exam Guide," Peter Gregory discusses choosing the fifth option in risk management, which is ignoring the risk. He warns of the problems that choice can cause.

Risk

Everything You Need to Know About Crypto

Speaker: Ryan McInerny, CAMS, FRM, MSBA - Principal, Product Strategy

With 20% of Americans owning cryptocurrencies, speaking "fluent crypto" in the financial sector ensures you are prepared to discuss growth and risk management strategies when the topic arises. May 18th, 2023 at 9:30 am PDT, 12:30 pm EDT, 5:30 pm BST

Risk

Reducing Risk by Breaking Down Supply Chain Siloes

Data Breach Today

AUGUST 3, 2022

Supply chain risk must be part of an enterprisewide risk management program framework, says information security manager Matt Marciniak of financial service firm Quantile. Reducing risk requires an agile approach to supplier management, he says.

Risk

Risk Financial Services Information Security Security

Most Common Connected Devices That Pose Risk to Hospitals

Data Breach Today

APRIL 24, 2023

Study: Unpatched Nurse Call Systems, Printers and IP Cameras Top the List Nurse call systems present a top cybersecurity risk in clinical environments, but so do an array of other similarly connected nonmedical devices commonly found in healthcare settings, says a new research study by security vendor Armis.

Risk

Risk Cybersecurity Security

How Ransomware Has Changed the Nature of Risk

Data Breach Today

JUNE 23, 2022

Kelly White of RiskRecon on Assessing Suppliers' Cyber Hygiene Ransomware has changed the risk landscape for suppliers and is forcing companies to reconsider their risk relationships, says Kelly White, co-founder and CEO of RiskRecon. He discusses the correlation between cyber hygiene, ransomware and data loss.

Ransomware

Ransomware Risk

RSA Spins Off Fraud and Risk Business

Data Breach Today

JUNE 10, 2021

New Stand-Alone Firm Is Tasked With Combatting Digital Commerce Fraud RSA Security LLC has spun off its fraud and risk intelligence business into a stand-alone company named Outseer. The new company will be led by Reed Taussig as CEO, and it will serve a worldwide customer and partner community.

Risk

Risk Security IT

Why “Build or Buy?” Is the Wrong Question for Analytics

Partnering with an analytics development platform gives you the freedom to customize a solution without the risks and long-term costs of building your own. Every time an application team gets caught up in the “build vs buy” debate, it stalls projects and delays time to revenue. There is a third option. Brought to you by Logi Analytics.

Analytics

Discussion: Mitigating Risks to Customer Account Integrity

Data Breach Today

FEBRUARY 6, 2023

TeleSign's Seth Gilpin on Fraud and Risk Management in Customer Account and Device Security. Digital transformation we all have experienced over the last few years, everything online is at risk of fraud – fraudsters will try to take advantage over customer digital footprint at any time and access point.

Risk

Risk Digital transformation Security Access

Does Abandoning Embassy in Kabul Pose Cybersecurity Risks?

Data Breach Today

AUGUST 17, 2021

abandoning its embassy and other facilities in Afghanistan poses cyber risks, thanks to the emergency planning that was already in place, some security experts say. Security Experts Size Up Impact of US Rush to Leave Afghanistan It's unlikely that the U.S.

Risk

Risk Cybersecurity Security IT

The Complexity of Managing Medical Device Security Risk

Data Breach Today

AUGUST 19, 2022

The extremely diverse architectures and systems within the tens of thousands of very specialized types of medical devices used in clinical settings adds to the complexity healthcare organizations and manufacturers face in managing cybersecurity risk for these products, says Phil Englert of H-ISAC.

Risk

Risk Security Cybersecurity Manufacturing

US Bank Regulator Weighs Stablecoin Risks and Benefits

Data Breach Today

APRIL 11, 2022

stablecoin, but there are also high risks associated with it. Some security experts question whether the technology has advanced enough and consider stablecoin risks. OCC's Hsu: Fraud Loss 'Pales in Comparison' to $2 Trillion Crypto Market Wealth Acting Comptroller of the Currency Michael J.

Risk

Risk Security Marketing IT

5 Early Indicators Your Embedded Analytics Will Fail

Many application teams leave embedded analytics to languish until something—an unhappy customer, plummeting revenue, a spike in customer churn—demands change. But by then, it may be too late. In this White Paper, Logi Analytics has identified 5 tell-tale signs your project is moving from “nice to have” to “needed yesterday.".

Analytics

Cybersecurity Leadership: Risk Exposure Awareness

Data Breach Today

SEPTEMBER 22, 2020

CEOs and CISOs on Assessing and Mitigating the New Risk Landscape It might be new, but are we ready to call this "normal?" In this latest in a series of CEO/CISO panels, cybersecurity leaders talk frankly about the new risk surface and the role emerging technologies play in helping us keep pace with our adversaries.

Cybersecurity

Cybersecurity Risk IT

Assessing the Security Risks of Emerging Tech in Healthcare

Data Breach Today

SEPTEMBER 13, 2022

Federal Authorities Urge Healthcare Sector Entities to Take Caution A host of emerging technologies - including artificial intelligence, 5G cellular, quantum computing, nanomedicine and smart hospitals - offer the potential to revolutionize healthcare, but organizations must carefully evaluate the security risks, federal authorities warn.

Risk

Risk Artificial Intelligence Security

Insights on Mitigating Ransomware Risks

Data Breach Today

MAY 21, 2021

Janine Darling, the founder and CEO of STASH Global, discusses the pervasive and persistent problem of ransomware and how to mitigate the risks.

Ransomware

Ransomware Risk

Safe Security Raises $50M to Bring ML to Risk Quantification

Data Breach Today

APRIL 18, 2023

Generative AI Can Help Nontechnical Executives Better Understand Security Posture A cyber risk quantification startup backed by ex-Cisco CEO John Chambers has raised $50 million to apply ML technology and build more API adapters.

Risk

Risk Security

The Unexpected Cost of Data Copies

Unfortunately, data replication, transformation, and movement can result in longer time to insight, reduced efficiency, elevated costs, and increased security and compliance risk.

Security

Why Third Parties Are an Organization's Biggest Risk Point

Data Breach Today

APRIL 12, 2022

The Risk — And the Threat — Is Real Hackers are exploiting third-party remote access. If you’re not taking third-party risk seriously, it’s just a matter of time until your company is the next headline.

Risk

Risk Access

Flaws in John Deere Systems Show Agriculture's Cyber Risk

Data Breach Today

AUGUST 9, 2021

John Deere, Researchers Spar Over Impact of Vulnerabilities Flaws uncovered in tractor manufacturer John Deere's systems underscore the cyber risks that come in tandem with the productivity gains from high-tech farming.

Risk

Risk Agriculture Manufacturing Security

Quantum Computing: Assessing the Risks

Data Breach Today

MAY 26, 2021

William Dixon of World Economic Forum on Improving Infrastructure To unlock the value of quantum computing, two systemic risks - tech governance and cybersecurity - need to be overcome, says William Dixon of the World Economic Forum.

Risk

Risk Cybersecurity Government

ENISA Highlights AI Security Risks for Autonomous Cars

Data Breach Today

FEBRUARY 20, 2021

Automakers Should Employ Security-By-Design to Thwart Cyber Risks Autonomous vehicle manufacturers are advised to adopt security-by-design models to mitigate cybersecurity risks, as artificial intelligence is susceptible to evasion and poisoning attacks, says a new ENISA report.

Risk

Risk Security Artificial Intelligence Cybersecurity

How to Package and Price Embedded Analytics

Just by embedding analytics, application owners can charge 24% more for their product. How much value could you add? This framework explains how application enhancements can extend your product offerings. Brought to you by Logi Analytics.

Analytics

IoT Supply Chains: Where Risks Abound

Data Breach Today

NOVEMBER 16, 2020

ENISA Releases Guidance on Reducing IoT Supply Chain Risk IoT devices are like sausages: They're full of components of varying quality, and it's invariably disturbing to think about their origins. New guidance helps address how to reduce the risk of potentially vulnerable components in connected devices.

IoT

IoT Risk IT

Why Healthcare Entities Fall Short Managing Security Risk

Data Breach Today

OCTOBER 27, 2021

Why do so many HIPAA -covered entities and their vendors do such a poor job managing security risk and safeguarding patient's protected health information? Many critical factors come into play, say Roger Severino, ex- director of HHS OCR, and Bob Chaput, founder of security consultancy Clearwater.

Risk

Risk Security

How to Predict New Account Risk

Data Breach Today

DECEMBER 5, 2022

Robin Love of Early Warning on How to Look at Fraud Risk Holistically Application fraud has spiked - particularly bogus new accounts - and organizations are scrambling to improve fraud detection mechanisms without negatively affecting the legitimate customer's experience.

Risk

Risk Customer Experience

EU Parliament, Council Agree on Cybersecurity Risk Framework

Data Breach Today

MAY 16, 2022

NIS2 Directive Aims to Counter Increasing Cyberthreats to Europe The European Parliament and the Council of the European Union on Friday reached a provisional agreement to set a "baseline for cybersecurity risk management measures and reporting obligations."

Cybersecurity

Cybersecurity Risk Information Security Security

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

Uncover and mitigate various security risks that put sensitive customer and business data at risk — including identifying misconfigured SaaS settings and suspicious or malicious behavior. By focusing on SaaS security posture management, your team can finally accomplish the following: Discover both known and unknown SaaS apps.

Security

Assessing the Privacy, Security Risks of Digital Health IT

Data Breach Today

JULY 18, 2022

A new assessment framework aims to help patients, healthcare providers and others examine the various privacy, security and other risks of digital health technologies, says Tim Andrews of the nonprofit Organization for the Review of Care and Health Applications, which co-developed the framework.

Privacy

Privacy Risk Security IT

Critical Steps for Enhancing 3rd-Party Risk Management

Data Breach Today

APRIL 21, 2022

Recent security incidents involving third-party software, including Okta and Log4j, underscore the importance of healthcare entities taking steps to enhance their vendor risk management programs, says Chris Frenz, assistant vice president of IT security at Mount Sinai South Nassau.

Risk

Risk Security IT

CISA Orders Agencies to Mitigate Pulse Secure VPN Risks

Data Breach Today

APRIL 21, 2021

Agency Says Exploits Pose 'Unacceptable Risk' The U.S. Cybersecurity and Infrastructure Security Agency has issued an emergency directive requiring executive branch agencies to mitigate by Friday the risks posed by a zero-day vulnerability and three other recently patched flaws in Pulse Connect Secure VPN products.

Risk

Risk Security Cybersecurity

Why Healthcare Orgs Must Prioritize 3rd-Party Risk Management

Data Breach Today

JANUARY 25, 2023

Venminder CEO James Hyde on Reducing Risk Exposure From Vendor Relationships With breaches on the rise and the average cost of a healthcare breach reaching a staggering $10.1 million in 2022, third-party risk management is a growing concern in the healthcare industry.

Risk

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization.

Risk

Hackers Leak Private Keys; Many MSI Products at Risk

Mitigating OT Security Risks: Focusing on Solutions, not Products

Webinars

Trending Sources

Minimizing Privacy Risk From Web Tracking Technologies

Webinars

US Officials Urged to Examine Chinese Risk to Electric Grid

The Power of Storytelling in Risk Management

Insider Threat: Organizations Must Focus on Risk

Best Practices for Answering Third-Party Risk Questions

AI Heightens Cyber Risk for Legacy Weapon Systems

Threat Watch: Russia-Ukraine War Remains Top CISO Risk

ERM Program Fundamentals for Success in the Banking Industry

Russia-Ukraine War: Cyberattack Escalation Risk Continues

Taking a Risk-Based Approach to Cybersecurity

Security Risks of AI

The Fifth Option in Risk Treatment

Everything You Need to Know About Crypto

Reducing Risk by Breaking Down Supply Chain Siloes

Most Common Connected Devices That Pose Risk to Hospitals

How Ransomware Has Changed the Nature of Risk

RSA Spins Off Fraud and Risk Business

Why “Build or Buy?” Is the Wrong Question for Analytics

Discussion: Mitigating Risks to Customer Account Integrity

Does Abandoning Embassy in Kabul Pose Cybersecurity Risks?

The Complexity of Managing Medical Device Security Risk

US Bank Regulator Weighs Stablecoin Risks and Benefits

5 Early Indicators Your Embedded Analytics Will Fail

Cybersecurity Leadership: Risk Exposure Awareness

Assessing the Security Risks of Emerging Tech in Healthcare

Insights on Mitigating Ransomware Risks

Safe Security Raises $50M to Bring ML to Risk Quantification

The Unexpected Cost of Data Copies

Why Third Parties Are an Organization's Biggest Risk Point

Flaws in John Deere Systems Show Agriculture's Cyber Risk

Quantum Computing: Assessing the Risks

ENISA Highlights AI Security Risks for Autonomous Cars

How to Package and Price Embedded Analytics

IoT Supply Chains: Where Risks Abound

Why Healthcare Entities Fall Short Managing Security Risk

How to Predict New Account Risk

EU Parliament, Council Agree on Cybersecurity Risk Framework

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Assessing the Privacy, Security Risks of Digital Health IT

Critical Steps for Enhancing 3rd-Party Risk Management

CISA Orders Agencies to Mitigate Pulse Secure VPN Risks

Why Healthcare Orgs Must Prioritize 3rd-Party Risk Management

Successful Change Management with Enterprise Risk Management

Stay Connected