Vulnerabilities in enterprise environments create many opportunities for cyber criminals to attack the organization. Bad actors may take advantage of security misconfigurations, broken authentication processes, buffer overflows, and other vulnerabilities to spread malware, launch account takeover attacks, and steal large amounts of sensitive data. As of April 2022, the U.S.

Malware (shorthand for “malicious software”) is any intrusive software that can infiltrate your computer systems to damage or destroy them or to steal data from them. The most common types of malware attacks include viruses, worms, Trojans, and ransomware. Malware attacks are pervasive, and can be devastating to an unprepared business. Preparing for such attacks also means accepting the reality that eventually you will fall victim to one – and that you can then recover from it swiftly.

If you’ve been following any of our recent webinars or in-person presentations, you’ve heard us talk a lot about shifting the mindset from a focus on compliance to a risk-first approach. We’ve discussed that the best way to do this is to align your risk management program to specific outcomes, where compliance becomes a subset of your risk management program. But what does that mean specifically? And what are some examples of how this can be done?

Global third-party suppliers have become an essential resource for many companies, providing crucial strategic and competitive support. Outsourcing, however, is not without its dangers. As dependency on third parties grows, so do the chances of supply chain, compliance, or reputation risks that hit your organization through those third parties. Your management team will need to address those risks somehow.

There are a lot of buzzwords and hot topics in the cyber security industry but there’s one thing we GRC professionals can not agree upon … risk assessments. Some people start with a pre-built risk register while others start by conducting internal surveys. Some re-assess risk annually, some use mathematical equations and some still use spreadsheets!

The Reciprocity® Community Edition is now available and is your chance to see the new Reciprocity ROAR Platform in action and it…is…totally…free! This is a great opportunity for you to not only get an instance of the ROAR Platform but also to see how the Reciprocity Community can provide you with meaningful content and connections to other organizations facing similar challenges. And did I mention that it’s free?!?

In a world full of security breaches and litigation, every organization needs a solid strategy to identify and reduce risks relating to the use of third parties, e.g., vendors, suppliers, partners, contractors, or other service providers.