Cybersecurity Investment Involves More Than Just Technology

November 17, 2023 at 03:18AM Organizations prioritize “high value for money” when allocating cybersecurity budgets, focusing on cybersecurity technologies, threat intelligence, risk assessment, cyber-insurance, and third-party risk management. While fewer organizations see technology as good value for money compared to the previous year, there is an awareness that technology investments require investment in governance and … Read more

CVSS 4.0 Offers Significantly More Patching Context

November 7, 2023 at 03:52PM The latest version of the Common Vulnerability Scoring System (CVSS version 4.0) allows organizations to assess and manage the risk posed by security bugs more effectively. It introduces new metrics that enable a dynamic and context-sensitive evaluation of vulnerabilities. CVSS 4.0 provides a more tailored risk management approach and allows … Read more

SaaS Security is Now Accessible and Affordable to All

November 2, 2023 at 05:30AM Wing Security has launched “Essential SSPM,” a SaaS Security Posture Management tool, offering SaaS discovery, risk assessment, and user access review in a freemium model. The tool aims to simplify the process of securing SaaS usage and aligns with regulatory security standards such as ISO 27001 and SOC. It allows … Read more

Securing Cloud Identities to Protect Assets and Minimize Risk

October 27, 2023 at 04:56PM Securing cloud identities is crucial as organizations migrate data to the cloud. Compromised identities can lead to unauthorized access to sensitive information. To prevent attacks, visibility into the cloud’s identity infrastructure is necessary. Examples of high-profile attacks demonstrate the importance of this. Implementing an applied risk approach, conducting comprehensive audits, … Read more

CISA, HHS Release Cybersecurity Healthcare Toolkit

October 26, 2023 at 12:21PM The US cybersecurity agency CISA and the Department of Health and Human Services (HHS) have released a cybersecurity toolkit for healthcare and public health organizations. The toolkit provides guidance on cyber hygiene, threat landscape, best practices, and offers risk assessment tools and recommended resources. It also suggests accessing grants and … Read more

Who’s Experimenting with AI Tools in Your Organization?

October 23, 2023 at 02:09PM The growth of AI productivity tools like ChatGPT has made AI accessible to all employees, but it poses challenges for IT and security teams. Nudge Security helps organizations understand and manage the risks associated with AI tools by discovering and inventorying the tools employees are using, accelerating security reviews, detecting … Read more

What are Your Exception Expectations?

October 20, 2023 at 10:44AM In the field of cybersecurity, organizations tend to focus on new and flashy technologies, but they often overlook the importance of mastering the basics. One fundamental aspect is handling exceptions to security policies and procedures. Attackers take advantage of exceptions to infiltrate organizations, so it is crucial to have a … Read more