Tips for Preventing Breaches in 2025

December 11, 2024 at 09:59AM In 2024, significant data breaches impacted major companies, costing US businesses over $9 million on average. With 98% of companies working with breached vendors, proactive security measures, including regular vendor reviews, audits, and advanced protections like encryption and access controls, are essential for mitigating risks and safeguarding data in 2025. … Read more

VISO TRUST Secures $24M to Accelerate Innovation in AI-Powered Third-Party Risk Management

November 21, 2024 at 05:14PM VISO TRUST announced $7M in funding, totaling $24M, to enhance its AI-powered third-party risk management platform. This investment, from existing and new investors, will accelerate innovation, enabling faster vendor assessments and improved security intelligence, helping organizations manage cyber risks efficiently in a complex digital landscape. ### Meeting Takeaways from VISO … Read more

The Case Against Abandoning CrowdStrike Post-Outage

October 31, 2024 at 10:01AM The July CrowdStrike outage highlighted risks in vendor security, prompting discussions on industry responses to such events. Companies should assess vendor reliability, avoid hasty changes, and maintain a balanced approach to updates. Leaders must act cautiously, avoiding panic-driven decisions while improving cybersecurity resilience and business continuity strategies. ### Meeting Takeaways … Read more

Vulnerability Prioritization & the Magic 8 Ball

October 10, 2024 at 07:08AM The CVE program, celebrating 25 years, has significantly advanced vulnerability management despite persistent challenges like inconsistency in CVE issuance, subjective severity scoring, and the automation of CVE creation. Effective patching requires a nuanced approach, prioritizing critical systems to mitigate risks from potential attacks across all system layers. ### Meeting Takeaways … Read more

An AI-Driven Approach to Risk-Scoring Systems in Cybersecurity

September 19, 2024 at 10:51AM AI is transforming cybersecurity risk assessment with its ability to analyze vast data and detect complex threats, offering real-time risk scoring. While it enhances security strategies and predictive capabilities, it’s not a standalone solution. Combining AI’s analytical power with human expertise creates a robust defense against cyber threats and enables … Read more

Halliburton confirms data stolen in recent cyberattack

September 3, 2024 at 09:00AM Oil and gas company Halliburton confirmed to the SEC that data was stolen in a recent attack by RansomHub ransomware gang. The breach prompted disruptions to its systems and caused concern among customers. Halliburton is evaluating the scope of the breach and potential financial and customer impact, including risks of … Read more

How Can Organizations Navigate SEC’s Cyber Materiality Disclosures?

August 15, 2024 at 08:14AM Cybersecurity leaders need to navigate the SEC’s cybersecurity disclosure regulations carefully. The SEC’s guidance offers a starting point for CISOs to determine materiality, suggesting a 0.01% revenue loss threshold. This quantitative framework, combined with qualitative impacts, can aid in making informed disclosure decisions, ensuring compliance and transparency. From the meeting … Read more

Identity Threat Detection and Response Solution Guide

August 15, 2024 at 07:33AM Identity Threat Detection and Response (ITDR) is vital for detecting and responding to identity-based attacks, covering both human and non-human identities in various environments. Core capabilities include developing universal identity profiles, tracking access paths, and orchestrating multi-environment detection. An effective ITDR solution should address questions regarding identity inventory, risk assessment, … Read more

Cybersecurity Compass: An Integrated Cyber Defense Strategy

August 2, 2024 at 03:20PM The Cybersecurity Compass, initially designed for CISOs, has evolved to benefit various cybersecurity professionals and stakeholders, offering strategic guidance and direction. It employs a metaphorical framework, aiming to fortify organizations against cyber threats and assist in incident response. The shift to a more inclusive approach reflects a broader applicability within … Read more

Cyber-Insurance Prices Plummet as Market Competition Grows

July 8, 2024 at 02:07PM The cyber-insurance market has seen a significant decline in premium rates, making coverage more accessible to organizations of all sizes. Factors contributing to this decrease include a more competitive marketplace, improved cyber hygiene, and better risk assessment by insurers. Despite a rise in cyber-attacks, prices are expected to remain stable … Read more