Learn how the pro's create and optimize efficient, scalable third-party cyber risk management programs - and how you can, too.
Implementing an efficient, effective third-party cyber risk management (TPCRM) program is essential to securing your organization's cyber ecosystem by tracking, avoiding, and minimizing the...
The unfortunate reality is that your data security strategy will most likely stall or fail. Unstructured data is getting out of view and control in every organization across verticals. Policy management plays a critical role in the development of data security initiatives, but also requires a coordinated data...
With new threats targeting the nation's critical infrastructure, partnerships among government and private-sector security professionals are more critical than ever, says Brian Harrell of the new U.S. Cybersecurity and Infrastructure Security Agency.
Organizations need to create a "defensible" cybersecurity program that has a mandate and executive endorsement, says Gartner's Tom Scholtz. I. Here are some points to keep in mind when drafting a program.
Patch or perish redux: Hackers are unleashing automated attacks to find and exploit known flaws in SSL VPNs manufactured by Fortinet and Pulse Secure to steal passwords. The exploits come despite both vendors having released patches several months ago - Pulse Secure in April, Fortinet in May.
After two months of inactivity, the notorious Emotet botnet is poised to start delivering malicious code again; active command-and-control servers have been spotted in the wild, researchers at the security firm Cofense warn.
Where have all the hacktivists gone? While the likes of Anonymous, AntiSec and LulzSec became household names in the early 2010s, in the past three years the number of website hacks, defacements and information leaks tied to bona fide hacktivists has plummeted.
VMware is acquiring cloud security firm Carbon Black in a $2.1 billion cash deal to bolster the virtualization giant's security portfolio. It's also acquiring Pivotal, a company that focuses on helping its customers build applications in the cloud as well as through new technologies such as containers.
Hunterdon Healthcare in New Jersey is shifting applications to cloud providers in order to tap into security capabilities and innovation that doesn't run as deep in the integrated healthcare delivery system's own technology team, says Jason Tahaney, the organization's director of IT.
Ransomware-wielding attackers continue to target not just big businesses and large government agencies, but increasingly their smaller counterparts too. In Texas, officials say a campaign tied to a "single threat actor" infected 22 local government agencies on Friday.
Progressive companies seeking to improve their security are increasingly adopting bug bounty programs. The theory is that rewarding outside researchers improves security outcomes. But in practice, bug bounty programs can be messy and actually create perverse incentives, says bug-hunting expert Katie Moussouris.
Cryptomining malware has exploded on the threat landscape, becoming one of the most common malware attacks and posing a significant risk to your IT assets.
Here are the answers you need: what it does, how it gets in, and how to recognize and prevent it.
Download the report.
As businesses grow and change, so too does the nature of risk. Technology plays a critical role in managing risks related to one area in particular: third-party risk management (TPRM).
Adapting technology to industry-specific needs, a deliberate rollout strategy and effective change management processes all play...