Accelerating Security Risk Management

November 21, 2023 at 03:09PM In this article, Mike Milner, Trend Micro VP of Cloud Technology, discusses the role of security risk management in the era of cybersecurity and how IT leaders are accelerating innovation. The article also highlights the challenges faced by organizations in managing the digital attack surface and the importance of resilience, … Read more

Against the Clock: Cyber Incident Response Plan

November 13, 2023 at 09:03PM The article emphasizes the importance of having a well-defined incident response process in place for cybersecurity breaches. It presents a fictional scenario of a metal fabrication company experiencing a cyberattack and outlines the steps involved in identifying, containing, and recovering from the attack. The role of technology, such as an … Read more

A Closer Look at State and Local Government Cybersecurity Priorities

November 13, 2023 at 02:05PM Summary: State and local governments are facing challenges in cybersecurity and risk management, legacy modernization, and consolidation/optimization. The complexity of hybrid and multicloud environments introduces vulnerabilities and asset management difficulties. Visibility for monitoring and compliance is also a challenge. Legacy modernization requires a proper cloud strategy to simplify management and … Read more

US Government Issues Guidance on SBOM Consumption

November 10, 2023 at 07:00AM The US cybersecurity agency CISA, the NSA, and the ODNI have issued new guidance to help software vendors secure the software supply chain. The guidance focuses on assessing security measures throughout the software lifecycle, managing open source software and software bills of materials, and making recommendations for different phases of … Read more

Risk Ledger Secures £6.25M to Prevent Cyberattacks on the Supply Chains of Nation’s Largest Enterprises

November 7, 2023 at 05:38PM London-based cyber security business Risk Ledger has raised £6.25m ($8.5m) in a series A funding round led by Mercia Ventures. The company plans to use the funding to strengthen supply chains and develop tools to combat supply chain security attacks. Risk Ledger offers a social network approach to supply chain … Read more

Steps to Follow to Comply With the SEC Cybersecurity Disclosure Rule

November 7, 2023 at 01:52AM The Securities and Exchange Commission (SEC) has implemented a new rule requiring companies to disclose cybersecurity incidents and provide annual information on their cybersecurity risk management, strategy, and governance. The rule mandates the filing of Form 8-K within four business days of determining an incident as material, with enforcement starting … Read more

FIRST Announces CVSS 4.0 – New Vulnerability Scoring System

November 2, 2023 at 05:30AM The Forum of Incident Response and Security Teams (FIRST) has announced CVSS v4.0, the next generation of the Common Vulnerability Scoring System standard. This update aims to provide a more accurate assessment of vulnerabilities and introduces new metrics for assessment. It also emphasizes that CVSS should not be the sole … Read more

CISO Skills in a Changing Security Market: Are You Prepared?

October 30, 2023 at 03:08AM CISOs today require a combination of technical and business skills. They must be critical thinkers who can contribute to strategic business discussions. They need to educate and communicate effectively with boards and decision-makers. CISOs benefit from diverse perspectives gained through different industries and roles. They must also promote a multi-layered … Read more

SMBs Need to Balance Cybersecurity Needs and Resources

October 26, 2023 at 07:57PM Small and midsize businesses (SMBs) face significant challenges in managing cyber threats, including employee mistakes, third-party compliance needs, data privacy laws, the hybrid workforce, targeted attacks, and a changing threat landscape. A study from Sage revealed that almost half of SMBs have experienced a cybersecurity incident in the past year. … Read more

Strategic Tips to Optimize Cybersecurity Consolidation

October 25, 2023 at 02:49PM Cybersecurity consolidation is key to reducing complexity and improving security outcomes for organizations. Adopting a platform that supports third-party integrations and taking an incremental approach are crucial. A consolidated platform provides centralized visibility, automation, and better compliance. It also addresses challenges such as the lack of cybersecurity skills and the … Read more