#ComplianceIssues

Managing Cyber-Risk Is No Different Than Managing Any Business Risk

by

September 24, 2024 at 10:03AM Summary: Business risks encompass various categories, all affected by cyber-risks. Market research shows strong cybersecurity correlates with higher shareholder return. Chief information security officers are adopting artificial intelligence to counter evolving cyber threats, but express mixed feelings about AI risks. Elevating cyber-risk management to essential protocol and recognizing cyber-risks as … Read more

How to manage shadow IT and reduce your attack surface

by

September 23, 2024 at 10:19AM Employees increasingly turn to unauthorized IT solutions, known as “shadow IT,” to improve productivity, posing security and compliance risks. This involves using unapproved devices, software, and services. To manage these risks, strategies include identifying root causes, educating employees, establishing clear policies, and leveraging technology tools. Adopting External Attack Surface Management … Read more

Google cuts ties with Entrust in Chrome over trust issues

by

June 28, 2024 at 10:36AM Google is ending its trust in Entrust due to a history of compliance and general improvement failures. From November 1 in Chrome 127, TLS server authentication certificates using Entrust or AffirmTrust roots won’t be trusted by default. This may require website owners to choose a new CA owner to avoid … Read more

The Danger of Forgotten Pixels on Websites: A New Case Study

by

October 26, 2023 at 08:42AM A case study by Reflectiz highlights the risks of forgotten and misconfigured pixels on websites. In one instance, a healthcare provider had a pixel that collected private data without user consent, potentially leading to fines and damage to the company’s reputation. Configuration drift and compliance issues related to privacy regulations … Read more