Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Risk Management

Board Responsibilities for Data Security and Privacy

Corporate boards are tasked with ensuring that sensitive information—ranging from intellectual property (IP) and end-user information to sales statistics—is handled securely. As data becomes an ever-more valuable asset, so too do the risks associated with mismanagement.

How to Set Up and Run a Workable AI Council to Govern Trustworthy AI

As in many companies around the world, Bitsight leadership believes that adoption and innovation through the use of artificial intelligence (AI) capabilities is crucial to the future of our company. From the top down, our employees are continually on the hunt for ways to leverage AI to improve business outcomes and customer productivity.

Critical Vulnerabilities Uncovered: How Bitsight Delivered Fast, Actionable Insights in Under 24 Hours

The speed at which vulnerabilities are detected and addressed can drastically impact an organization’s likelihood of suffering a security incident. Recently, Bitsight demonstrated how its investments in product fingerprinting and CVE mapping allowed it to identify and surface assets potentially impacted by a set of critical vulnerabilities in the CUPS printing system in under 24 hours.

The Road Taken: Pathways to Better Compliance

Ralph Waldo Emerson, the renowned American writer, lecturer and philosopher, is often credited with the phrase “It’s not the destination, it’s the journey.” Legal, Compliance, Risk and Security professionals would be wise to consider Emerson’s wise words and philosophy. The path to optimal compliance outcomes and practices is long and full of twists and turns – with new and increasingly complex rules, regulations and legal regimes.

How the U.S. Department of Justice Can Improve Its Approach to Combat Ransomware Attacks

Earlier this month, the U.S. Department of Justice’s Office of the Inspector General released a report on how the Department could improve its approach to combat ransomware attacks. The report included an audit and evaluated the Department’s strategy to respond and counter ransomware attacks during a two-and-a-half-year period from April 2021 through September 2023.

From Tetris to Minecraft: The Evolution of Security Awareness into Human Risk Management

Once upon a time, security awareness training resembled a never-ending game of Tetris. Threats cascaded down, demanding swift action and strategy, only to speed up until we inevitably faltered. Today, we've entered a new realm of engagement, creativity, and community in human risk management.

UpGuard Expands Vendor Risk Questionnaire Library with New DORA Questionnaire

UpGuard is excited to announce the latest addition to our Vendor Risk Questionnaire Library: the DORA (Digital Operational Resilience Act) questionnaire! The addition of DORA to the Questionnaire Library reflects UpGuard’s ongoing commitment to providing our customers with the necessary tools to navigate today’s evolving regulatory standards.

Accelerating Threat Assessment and Risk Mitigation with Nucleus Vulnerability Intelligence Platform

In this webinar, discover how the Nucleus Vulnerability Intelligence Platform (VIP) is changing the way organizations handle vulnerabilities. Learn how VIP empowers security teams to assess, prioritize, and mitigate vulnerabilities in real time by leveraging automated workflows, comprehensive data aggregation, and custom risk ratings. Key topics covered: Chapters Don't forget to like, comment, and subscribe for more in-depth webinars and expert discussions on cybersecurity and vulnerability management!

Introducing UpGuard's DPDP Act Security Questionnaire

In an era where data breaches and privacy concerns dominate headlines, regulatory frameworks like India’s Digital Personal Data Protection Act, 2023 (DPDP) have become indispensable. The DPDP Act safeguards the privacy of individuals by regulating how organizations operating in India can collect, process, and store personal data. Landmark regulations like the DPDP Act are essential for enhancing data security.