%term

The CEO's Take: Blind Spots in the Enterprise & Ecosystem

Dec 31, 2025 By SecurityScorecard In SecurityScorecard

“The best way to compromise a ‘secure organization’ was to go find the things they didn’t know about.” Vulnerability management – within both the enterprise as well as the vendor ecosystem – is largely broken. Join Aleksandr Yampolskiy and HD Moore for this webinar discussing: SecurityScorecard monitors and scores over 12 million companies worldwide.

View Video

SecurityScorecard

Read more about The CEO's Take: Blind Spots in the Enterprise & Ecosystem

The CISO's Take: Navigating Cyber Risk in Financial Services

Dec 30, 2025 By SecurityScorecard In SecurityScorecard

“If you are solving problems at human speed, you are at a huge disadvantage, because your attackers are operating at machine speed.” As cyber risk – in both the financial services sector and more broadly – accelerates at the pace of automation and AI, securing our future requires practitioners to be more strategic than the threat actors after our assets.

View Video

SecurityScorecard

Read more about The CISO's Take: Navigating Cyber Risk in Financial Services

SecurityScorecard CISO Steve Cobb as Cyber Santa | Cyber Santa's 2026 Predictions

Dec 30, 2025 By SecurityScorecard In SecurityScorecard

The New Year is upon us and with a new year comes new changes. Cyber Santa is back with his predictions for the coming year and how cyber will evolve in the next 365 days. SecurityScorecard CISO Steve Cobb returns in his jolly red hat and white beard to shake his snow globe and see what's ahead for the cybersecurity industry in 2026 and what you need to know going into the new year. CISO responsibility, data sprawl, and AI governance are the top 3 on the list of emerging priorities.

View Video

SecurityScorecard

Read more about SecurityScorecard CISO Steve Cobb as Cyber Santa | Cyber Santa's 2026 Predictions

Jon Oltsik: Shifting Left and Threat Informed Defense

Dec 30, 2025 By Nucleus Security In Nucleus

Security researcher and analyst Jon Oltsik talks about the importance of shifting lift and employing threat informed defense in this short clip.

View Video

Nucleus

Read more about Jon Oltsik: Shifting Left and Threat Informed Defense

Third-Party Risk Management: Best Practices and Trends

Dec 30, 2025 By foresiet In Foresiet

In the quiet corners of the darknet, threat actors aren’t always looking for a way to break through your front door. Instead, they’re hunting for the “side door”—the niche cloud provider you use for analytics, the marketing firm with access to your customer data, or the logistics partner with a direct line into your ERP. As we move into 2026, Third-Party Risk Management(TPRM) has evolved from a periodic compliance exercise into a high-stakes game of digital chess.

Read Post

Foresiet

Read more about Third-Party Risk Management: Best Practices and Trends

Security Alert: CVE-2025-14847 MongoDB "MongoBleed" Actively Exploited

Dec 29, 2025 By Emma Stevens In BitSight

A high-severity vulnerability, CVE-2025-14847, affecting MongoDB Server is being actively exploited in the wild with a Bitsight Dynamic Vulnerability Exploit (DVE) score of 9.71. The flaw, commonly referred to as “MongoBleed,” is an unauthenticated memory-read vulnerability caused by improper handling of zlib-compressed network message headers, which may allow attackers to read uninitialized heap memory remotely.

Read Post

BitSight

Read more about Security Alert: CVE-2025-14847 MongoDB "MongoBleed" Actively Exploited

NIST compliance in 2026: A complete implementation guide

Dec 28, 2025 By Edward Kost In UpGuard

Aligning with a NIST framework is a strategic initiative for any organization serious about cybersecurity. It provides a clear roadmap to defending against sophisticated supply chain attacks, meeting evolving regulatory demands, and managing growing cyber risk exposure from third-party vendors. This guide explains the core NIST frameworks and provides a practical, 5-step implementation plan for building a resilient and defensible security program with a NIST standard.

Read Post

UpGuard

Read more about NIST compliance in 2026: A complete implementation guide

Jon Oltsik: Vulnerability Management is a Business Issue

Dec 23, 2025 By Nucleus Security In Nucleus

Industry researcher and analyst Jon Oltsik explains why vulnerability management should be considered a business issue and stop being viewed as a technical issue.

View Video

Nucleus

Read more about Jon Oltsik: Vulnerability Management is a Business Issue

How to communicate cyber risk in commercial terms

Dec 23, 2025 By Adoniel Martinez In Sentrium

Cyber risk is often discussed in technical language, often in a way which is difficult to decipher the real business impact. CVSS scores, vulnerabilities, attack paths and threat actors all have their place but for many decision‑makers, this language doesn’t translate into real-world business outcomes. Small business leaders and non-technical executives need to understand what cyber risk means for revenue, reputation and operational continuity.

Read Post

Sentrium

Read more about How to communicate cyber risk in commercial terms

AI Risk Governance Suite - office hours part 1

Dec 22, 2025 By Kovrr - Cyber Risk Quantification In Kovrr

Kovrr’s new AI Risk Governance Suite gives enterprises the visibility, structure, and measurable control needed to manage GenAI responsibly across its full lifecycle. Join us for Office Hours: Part 1, where Or Amir will walk through the first three modules of the suite—showing how enterprises can gain real-time oversight and quantifiable insight into their AI landscape: Discover how these capabilities help enterprises align innovation with accountability—building a defensible foundation for responsible GenAI adoption.

View Video