Asset Management Holds the Key to Enterprise Defense

June 13, 2024 at 08:26AM Security professionals emphasize the importance of comprehensive asset management to maintain organizational security. Challenges in obtaining accurate asset inventory have increased due to the complexity and scale of modern networks. Experts stress the need for efforts to identify and manage business-technology assets effectively, as poor visibility can lead to security … Read more

Why SaaS Security is Suddenly Hot: Racing to Defend and Comply

June 13, 2024 at 07:48AM Financial cyber-attacks prompt tighter compliance regulations in the financial sector, with other industries expected to follow. Many companies lack efficient methods for managing SaaS security and compliance tasks. Free SaaS risk assessment tools offer incremental upgrades to help meet budget and security needs. Understanding financial sector cyber compliance is key … Read more

A Look at the Riskiest Connected Devices of 2024

June 10, 2024 at 05:33PM The cyberattack threat landscape for organizations encompasses various IT, IoT, and operational technology devices, offering opportunities for bad actors. Forescout Research highlights key findings, including IT devices accounting for most vulnerabilities, a surge in IoT vulnerabilities, and the top three riskiest verticals being technology, education, and manufacturing. A holistic approach … Read more

New XM Cyber Research: 80% of Exposures from Misconfigurations, Less Than 1% from CVEs

May 17, 2024 at 08:33AM A new report by XM Cyber has revealed a significant disparity between organizations’ security efforts and actual threats, uncovering 40 million exposures affecting business-critical assets. It emphasizes the need to prioritize high-impact exposures over traditional focus on CVE-based vulnerabilities. The report also underscores the importance of industry-specific security approaches and … Read more

Improving cyber defense with open source SIEM and XDR

May 15, 2024 at 01:16PM A cyber defense strategy is crucial for preventing, detecting, and responding to cyber attacks, mitigating financial loss, reputational damage, and legal repercussions. It involves risk assessment, technology selection, integration, incident response planning, continuous monitoring, and user awareness. Integrating Wazuh, a free, open source security solution, enhances threat detection, incident response, … Read more

6 Mistakes Organizations Make When Deploying Advanced Authentication

May 14, 2024 at 07:15AM Deploying advanced authentication measures is crucial for organizations in addressing human users as the weakest cybersecurity link. Mistakes to avoid include failing to conduct a risk assessment, neglecting integration with current systems, relying on one authentication factor, disregarding user experience, overlooking authentication activities, and neglecting user training. These mistakes hinder … Read more

AXA XL Introduces Endorsement to Help Public Companies Address SEC Cyber Reporting Costs

May 6, 2024 at 05:10PM AXA XL introduces a new cyber insurance endorsement tailored for public companies to address costs associated with meeting updated SEC reporting compliance obligations after a cyber incident. The endorsement covers expenses for investigating breaches, legal fees, and filing Form 8-K within four days of determining a material cyber breach. This … Read more

You Against the World: The Offenders Dilemma

April 16, 2024 at 07:42AM The article emphasizes the need for careful selection of modeling, preparation, and fortification techniques to counter the wide array of tools that foreign attackers possess. It highlights the complexity of the offenders’ dilemma in the realm of security. It seems like this meeting discussed the challenges posed by foreign attackers … Read more

Veracode Buys Longbow Security for Automated Root Cause Analysis Tech

April 1, 2024 at 04:48PM Veracode has acquired Longbow Security, a startup focused on automating root cause analysis of security vulnerabilities, with financial details undisclosed. Veracode plans to use Longbow’s technology to assist security teams in rapidly discovering cloud and application assets, assessing threat exposure, and automating issue investigation and remediation. The acquisition aims to … Read more

The Imperative for Modern Security: Risk-Based Vulnerability Management

February 29, 2024 at 07:57AM The news has been filled with reports of various vulnerabilities being exploited, highlighting the urgent need for organizations to modernize their vulnerability management practices. With the rise in cyber threats, organizations face resource constraints and challenges in patch management, making a risk-based approach essential for prioritizing and managing vulnerabilities effectively. … Read more