Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Risk Management


How to Manage Risk Effectively in Cloud-Native Environments

We’ve all got our heads in the cloud, or if not yet, we’re well on our way there. In other words, the process of digital transformation is happening at such a pace that almost all organizations will soon be working in the cloud and using cloud-native technology. Analyst Gartner has predicted that by 2025, over 95% of new digital workloads will be deployed on cloud-native platforms. This represents a 30% growth from 2021.


Where is Your Risk? Software License Compliance and Other Non-Vulnerability Risk

In this final post of a series on software-related risks, we take a look software license compliance and other non-vulnerability risk. Not all software risk has to do with vulnerabilities and the security threats that can come from them. Organizations need to be aware of their licensing requirements and status on various software dependencies, including open source software, because they could be out of compliance if the software license has expired.


The SPoF that is DNS

The idea behind “SPoF,” or “Single Point of Failure,” is that if one part of a system fails, then the entire system fails. It’s not desirable. In IT and security circles, if a system or application can be disrupted or degraded severely by the failure of just one component or subcomponent, then we usually deem the design to have a flaw.


Enterprise Cybersecurity: What it is & Why it's Important

Having effective enterprise cybersecurity is more than having your employees create a password that isn’t their pet’s name—unless perhaps their cat’s name is at least 12 characters long, and a combination of upper- and lower-case letters and symbols. Whether it’s well-researched spearphishing attempts or bypassing MFA, threat actors have only become more daring.


5 Key Cybersecurity Insights from The World Economic Forum in Davos

SecurityScorecard has been in Davos, Switzerland for the past week with heads of state, CEOs, and other global leaders as part of the 2023 World Economic Forum’s Annual Meeting. Along with climate change, sustainability, and geopolitical complexities, cybersecurity is one of the hottest topics of WEF’s official programming and the myriad private events that are part of the Davos annual experience.


Five Steps Critical Manufacturing Can Take to Boost Cyber Resilience

The Fourth Industrial Revolution, with its accelerating pace of digitization and automation, means that organizations are becoming more dependent on data processing and connectivity to deliver value to their customers and stakeholders. Threat actors exploit this growing attack surface to achieve their aims: fraud, extortion, harassment, espionage, and other harms. They are smart, adaptive, and ruthless—and getting rich as a result.


Where is Your Risk? Vulnerabilities in Open Source Software

The first post of this series on the software-related risks organizations are facing looked at vulnerabilities introduced in development. In this post we look at the risks of open source vulnerabilities. Organizations are increasingly dependent on third-party software, including open source code, but current tools provide limited visibility and require a lot of manual work.