%term

Is Your Official Vendor List a Lie?

Apr 27, 2026 By UpGuard In UpGuard

How many new vendors did your team engage with today? If you’re looking at your official procurement list, the answer might be zero. But if you’re looking at employee behavior, the reality is likely much higher. Find out more about the shadow supply chain in our most recent research report: Interested in finding out more about UpGuard?

View Video

UpGuard

Read more about Is Your Official Vendor List a Lie?

Measuring Real Risk Reduction Across Your Security Stack

Apr 27, 2026 By Reach Security In Reach Security

Garrett Hamilton recently presented at the North Texas ISSA Lunch & Learn in Plano, TX to talk about what risk reduction actually looks like in practice. Reach shows customers exactly which controls they've deployed, the user impact of those changes, and how much risk has been reduced across IAM, EDR, email, firewall, and SASE. Not feature checklists. Targeted, measurable outcomes tied to the business.

View Video

Reach Security

Read more about Measuring Real Risk Reduction Across Your Security Stack

Top 10 Governance, Risk, and Compliance (GRC) Software Solutions

Apr 24, 2026 By The Apono Team In Apono

Governance is breaking. Not because companies care less about risk, but because modern infrastructure moves faster than the controls designed to govern it. In 2026, governance has to keep up with cloud-native architectures, AI adoption, API sprawl, and the explosion of machine identities across production environments.

Read Post

Apono

Read more about Top 10 Governance, Risk, and Compliance (GRC) Software Solutions

SecurityScorecard Weekly Brief: The Cyber Risk and Policy Edition - Amanda Smith

Apr 24, 2026 By SecurityScorecard In SecurityScorecard

In this week’s Weekly Brief: The Cyber Risk and Policy Edition, SecurityScorecard’s Director, Public Sector Channel Amanda Smith breaks down why the U.S. war with Iran is more than just what takes place on the physical battlefront. In 2026, as conflict unfolds in the Middle East, the digital battlefield has a direct impact on the homeland and U.S. critical infrastructure, too. “It's a global digital confrontation that hits a lot closer to home than a lot of people realize.”

View Video

SecurityScorecard

Read more about SecurityScorecard Weekly Brief: The Cyber Risk and Policy Edition - Amanda Smith

An Introduction to the NIST Risk Management Framework (RMF)

Apr 24, 2026 By Jeff Darrington In Graylog

While inherently critical to today’s businesses that run on data, implementing and enforcing data security and privacy has never been straightforward. Between collecting different types of sensitive data and deploying unique architectures, organizations cannot adopt a one-size-fits-all solution, meaning that every security architecture is unique.

Read Post

Graylog

Read more about An Introduction to the NIST Risk Management Framework (RMF)

How to Use the MITRE ATT&CK Framework as a Shared Language for SOC, CTI, GRC, and Leadership

Apr 22, 2026 By Emma Stevens In BitSight

Picture the first meeting after a serious security event. The Security Operations team is talking about alerts, detections, and lateral movement. Threat Intelligence is talking about adversary tradecraft and known campaigns. Governance and Risk is talking about control gaps, exposure, and business risk. And leadership? They only care about how bad this event is, and what the team is doing about it. Security teams often agree on the mission: deter and stop threat actors at all costs.

Read Post

BitSight

Read more about How to Use the MITRE ATT&CK Framework as a Shared Language for SOC, CTI, GRC, and Leadership

Obrela's 2025 Digital Universe Report highlights shift to stealthy, identity-driven cyberattacks

Apr 21, 2026 By Obrela In Obrela

London, 21st April - Obrela has released its Digital Universe Report 2025, revealing a significant shift in the global cyber threat landscape as attackers move away from high-volume attacks toward more targeted, stealth-driven techniques focused on identity, access and persistence.

Read Post

Obrela

Read more about Obrela's 2025 Digital Universe Report highlights shift to stealthy, identity-driven cyberattacks

What Keeps CISOs Up at Night: Cybersecurity Risks in 2026

Apr 21, 2026 By Gary Perkins In CISO Global

“ From AI-driven threats to identity-based attacks, CISOs are facing increasing pressure to manage risk while enabling business growth.“

Read Post

CISO Global

Read more about What Keeps CISOs Up at Night: Cybersecurity Risks in 2026

How Third-Party Development Partners Become Your Biggest Security Liability

Apr 21, 2026 By SecuritySenses In SecuritySenses

Third-party development partners offer real advantages: faster delivery, specialised expertise, and lower costs than building an in-house team. They also expand your attack surface in ways most organisations never fully account for. When an external team builds or modifies your systems, they bring with them their own tools, practices, access levels, and vulnerabilities. The question is not whether that creates risk. It is whether your organisation is managing it deliberately or leaving it to chance.

Read Post

SecuritySenses

Read more about How Third-Party Development Partners Become Your Biggest Security Liability

Penetration Testing as a Tool That Reveals the Real State of Cybersecurity

Apr 20, 2026 By SecuritySenses In SecuritySenses

Most security measures are built on the assumption that if something is configured correctly, it is secure. But there is a big difference between "configured" and "able to withstand an attack" - a gap that cannot be seen without practical testing. Penetration testing is not just another item on a compliance checklist; it is a way to get an honest and realistic answer to the question that truly matters to a business: can an attacker reach what is most important to us?

Read Post