The Future of Network Security: Automated Internal and External Pentesting

December 10, 2024 at 08:06AM As cyber threats evolve, automated internal and external pentesting becomes essential for organizations. These cost-effective solutions enable frequent and thorough security assessments, addressing both insider and perimeter risks. Automated tools, like vPenTest, offer detailed insights, streamline compliance, and empower IT teams to enhance their security posture proactively. ### Key Takeaways … Read more

How to Plan a New (and Improved!) Password Policy for Real-World Security Challenges

December 4, 2024 at 05:54AM Organizations often struggle with ineffective password policies that are either too rigid or too lax. A well-balanced policy must be compliant, based on real data, enforceable, and clearly communicated. Regular audits and updates are essential to address security needs while ensuring usability, ultimately strengthening an organization’s overall security posture. ### … Read more

BigID Releases Data Activity Monitoring to Extend DDR, Detect Malicious Actors, and Strengthen Data Security Posture

December 3, 2024 at 05:39PM BigID has launched Data Activity Monitoring, enhancing data security by proactively managing risks, identifying insider threats, and ensuring compliance. Unlike traditional tools, it tracks data access activity for improved decision-making and faster investigations. BigID continues to receive accolades for its innovative approaches in data security and compliance management. **Meeting Takeaways … Read more

VISO TRUST Secures $24M to Accelerate Innovation in AI-Powered Third-Party Risk Management

November 21, 2024 at 05:14PM VISO TRUST announced $7M in funding, totaling $24M, to enhance its AI-powered third-party risk management platform. This investment, from existing and new investors, will accelerate innovation, enabling faster vendor assessments and improved security intelligence, helping organizations manage cyber risks efficiently in a complex digital landscape. ### Meeting Takeaways from VISO … Read more

Navigating third-party risks

November 19, 2024 at 09:42AM SailPoint is hosting a webinar on December 3rd at 11 AM ET, focusing on managing third-party risks to enhance security and compliance. Key topics include identifying vulnerabilities, effective access controls, and fostering a culture of compliance. Attendees will receive actionable insights to improve defenses against external threats. ### Meeting Takeaways … Read more

Beyond Compliance: The Advantage of Year-Round Network Pen Testing

November 18, 2024 at 06:03AM IT leaders are urged to conduct more frequent network penetration testing to stay ahead of hackers, as compliance-focused approaches are insufficient. Automated testing solutions like vPenTest can reduce costs by over 60%, allowing companies to perform assessments quickly, maintain security year-round, and meet regulatory and insurance requirements efficiently. ### Meeting … Read more

NatWest blocks bevy of apps in clampdown on unmonitorable comms

November 14, 2024 at 06:02AM NatWest Group has officially banned several messaging apps, including WhatsApp, Telegram, and Signal, on company devices to enhance oversight and protect against regulatory issues. The policy, effective November 6, aims to prevent unrecorded communications. Approved methods include Microsoft Teams and Outlook, aligning with industry practices following regulatory scrutiny. **Meeting Takeaways: … Read more

Managing third-party risks in complex IT environments

November 12, 2024 at 10:14AM Join the webinar on December 3rd at 11 AM ET with Steve Toole from SailPoint, discussing risks of third-party access to systems and data. Learn about identifying risks, mitigation strategies, and fostering a security-first culture. Ideal for IT managers and security professionals. Register to enhance third-party risk management practices. **Meeting … Read more

The Power of the Purse: How to Ensure Security by Design

November 12, 2024 at 10:03AM The CISA’s Secure by Design pledge, aimed at improving cybersecurity in software companies, is voluntary and lacks regulatory enforcement, raising concerns about its effectiveness. With rising data breaches, a more aggressive governmental approach, including mandatory compliance measures similar to the EU’s standardization efforts, is necessary to ensure robust cybersecurity. ### … Read more

The vCISO Academy: Transforming MSPs and MSSPs into Cybersecurity Powerhouses

November 8, 2024 at 06:45AM The rising demand for cybersecurity has led to increased interest in virtual Chief Information Security Officer (vCISO) services among small and medium-sized businesses (SMBs). The vCISO Academy was created to provide training and resources for Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) to offer effective vCISO services. … Read more