While other corporate functions have embraced benchmarking, risk and security teams have been left in the dark. Existing tools for network security are unable to compare security performance against industry averages and peers. To effectively understand the impact of security programs and communicate changes to key...
A recent alert from the Department of Homeland Security warning of vulnerabilities in certain medical imaging products from GE Healthcare is a reminder to other medical device makers and healthcare entities about the risks posed by hardcoded and default credentials.
The Playbook is the definitive study of third-party security risk management practices. Based on in-depth interviews of security executives from 30 domestic and global firms, it reveals the real world capabilities and practices employed to manage third-party security risk.
Learn what real firms are doing to solve...
Vendors play a critical role in supporting key business functions. As a result, companies need to take responsibility for managing their security and risk with the partners they choose, but current methods for managing that risk are inefficient.
A March 2018 study conducted by Forrester Consulting on behalf of...
Although more organizations are adopting cloud access security broker technology, CASB policy templates and runbooks, as well as best practices, are still evolving, says Rohit Gupta, group vice president for cloud security products at Oracle Corp.
When working with cloud service providers, healthcare organizations must take responsibility for security practices rather than relying on the vendor, says Sonia Arista, a security consultant who formerly was CISO at Tufts Medical Center. She's a featured speaker at the HIMSS18 conference.
With the advent of technology in personal healthcare - internet connected glucose monitors, intravenous blood pressure monitoring, personal best friend emotional bots - a lot of highly sensitive data that's rampantly traversing the airwaves. The impact of this data getting in the wrong hands is just starting to be...
As cloud computing services evolve, the cloud opens up entirely new ways for potential attacks. Cloud systems and images have operating system and component vulnerabilities just like those in the enterprise. For example, Heartbleed, Shellshock and other major bugs can affect cloud systems, and there are new issues to...
Information security and risk management teams are frequently asked to update their Board of Directors with the cybersecurity posture of both their company and their vendors. Gartner estimates that by 2020, 75% of Fortune 500 companies will treat vendor risk management as a Board-level initiative to mitigate brand and...
Tracking risk across the vendor ecosystem is the best way to stay ahead of cybersecurity threats.
Download this whitepaper and learn how you can transform your vendor risk management with:
Speed;
Scale;
And collaboration.
Financial services firms continue to be a favorite target of threat actors, who are launching attacks that are increasingly subtle, complex, and dangerous. Even though financial institutions might maintain tight security over their own operations, lapses on the part of third-party vendors can provide malicious hackers...
Point-in-time risk assessments no longer provide enough timely, relevant data to support effective risk management efforts. In response, third-party risk intelligence (TPRI) solutions enrich internal assessment data with external information and analysis.
Download this Forrester report and learn:
Why third-party...
As a long-time security leader, Qualys CISO Mark Butler has watched the evolution of security tools and platforms. The best-of-breed approach still has value, but also has failed us, he says. How can automation and orchestration provide new business value?
Security vendor products are held to a higher standard of security. They must help their customers solve complex security problems, as well as have the most stringent security measures in place throughout the software development lifecycle. To meet those standards, many security vendors are turning to more innovative...
Bug bounties are fundamentally changing the way financial service organizations approach the security of the Internet, moving from the realm of novelty towards becoming best practice.
This report presents how the financial services industry is actively looking to bug bounty programs to augment their existing...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.
