In some respects, government agencies enter the cybersecurity arena with one hand
already tied behind their backs. It's accepted: They are under great public scrutiny in terms
of their financial spending. They are challenged to recruit and retain qualified staff. And yet
they are still a favored target of...
The Office of the Comptroller of the Currency has fined Morgan Stanley $60 million for the investment bank's failure to properly oversee the decommissioning of several data centers, putting customer data at risk of exposure.
The world of third-party risk management is rapidly changing. Each day, organizations like yours face new security, privacy, and compliance threats when working with third parties. The good news is there are world-class teams around the world that are paving the way with new best practices for the next generation of...
A hybrid workforce, heightened insider risk, 5G concerns over the expanded attack surface - these are the "more" that people reference when they talk about "doing more with less" in 2021. A CEO/CISO panel discusses how security leaders prioritize budget allocations for these concerns.
In the face of growing cybersecurity threats, it is increasingly important to measure the cost and concentration of "exposure." Having an accurate view of the resilience of organizations and industries against cyber-attacks can help target efforts to reduce exposure to the sectors that need it most and enhance...
Jeanette Manfra served under three presidents as one of the top U.S. government cybersecurity leaders. Now in her new role with Google Cloud, she draws upon her public sector experience to help agencies in their cloud adoption.
Qualcomm is prepping patches for its Snapdragon Digital Signal Processor, used in an estimated 1 billion or more Android devices, after researchers at Check Point counted 400 flaws that attackers could exploit to take control of devices and steal all data they store.
Britain's U-turn on Huawei, announcing that it will now ban the manufacturer's gear from its 5G networks, highlights this as yet unresolved problem: Years of underinvestment and policy failures have left Britain and its allies with no inexpensive, trusted alternative.
Roger Sels of BlackBerry assesses cybersecurity risk and sees two forms of chaos - cyber and endpoint. He also sees enterprises trying to defend automated attacks at human speed, which makes him ask: Isn't it time we rebooted our approach to cybersecurity risk prevention?
It's a good time to be a CISO. You have the board's attention, and now you can use your position to ensure appropriate resources to tackle key challenges such as identity & access, cloud application security and third-party risk. Expel CISO Bruce Potter discusses how best to influence these decisions.
The recent leak of 269 GB of sensitive data from more than 200 police departments and the FBI could be a sign that law enforcement agencies are becoming a prime target for hackers, given recent civil unrest.
Third-party risk management (TPRM) is more important now than ever. The practice extends far beyond "checking the box" for compliance. And while compliance is a critical component, recent market turbulence has organizations prioritizing business continuity, financial due diligence, and business resilience. How can you...
Cybercriminals are continuing to take advantage of unsecured Amazon S3 buckets, with RiskIQ researchers recently finding card skimming code and redirects to a long-running malvertising campaign infecting several websites.
After business, as usual, has been disrupted, the path to stability is a challenging one to negotiate. The steps, timing, and impacts inevitably will vary. Regardless of your organization's state of readiness, it is critical to exercise sound risk management and follow best practices for business resiliency....