Compliance Guide: 23 NY CRR and Third-Party Risk Management

The NY CRR 500 legislation was instituted by the New York Department of Financial Services (NYDFS) in 2017 in response to the rising trend of cyberattacks in the finance industry. Sometimes regarded as the GDPR for financial services, the NY CRR 500 has a very high standard for sensitive data protection, requiring protection strategies for ensuring the confidentiality, integrity, and security of information systems and nonpublic information (including customer data).

How We Help You Monitor Suppliers' Risk

We did an ROI analysis of SecurityScorecard. Here's what we found out: Companies achieve a close to 200% ROI over 3 years. Here's how: Continuously monitoring cyber threats is difficult to handle for small cyber teams, forcing them to hire more people. In the current economic climate, those personnel costs make up the bulk of company expenses. SecurityScorecard allows you to streamline your third-party risk management program and run your TPM program with a smaller, more efficient team.

The Value of Communicating Risk Meaningfully Across the Business

While cybersecurity might be under the umbrella of IT, make no mistake: a breach will impact the entire business, making it the entire organization’s responsibility to be able to understand and take action on risk. This means that your organization needs to have a holistic view of risk that can enable the risk intelligence required to not only have technical discussions, but business conversations about cyber risk.

The Most Commonly Mixed-Up Security Terms: Learn the Differences Between Asset, Threat, Vulnerability, and Risk

The cybersecurity landscape is complex enough without the lack of a common vocabulary. But, often, organizations use common security terms incorrectly or interchangeably. This leads to confusion, which leads to frustration, which can lead to something much, much worse. Something like a breach. Let’s take a moment, then, to review the four most commonly mixed-up and misused security terms in the cybersecurity world.

MDR for Vessels

Obrela Security Industries’ MDR for Vessels is a specialised cybersecurity tool for the maritime sector built specifically for seafaring information technology (IT) and operational technology (OT). With a centralised and self-contained passive network monitoring solution based on a virtual appliance, supporting log collection from vessel infrastructure, MDR for Vessels builds on Obrela’s tried and tested Enterprise-class MDR solution with dedicated processes for maritime and shipping environment systems both on land and at sea.

Optimism, Underestimation and Invincibility: Bridging the Gap Between Reality and Perception in Cyber Security

Earlier this month, the United Nations (U.N.) released its latest Global Assessment Report on Disaster Risk Reduction (GAR2022). For those of us who assess risk for a living, it is a sobering read.

Penetration Tests of Newly Released Web Applications

Running penetration tests of a mature web application is always a great challenge. Systems are usually well hardened, and scanners fall short of flagging anything interesting, requiring an experienced security engineer to identify vulnerabilities using advanced exploitation methods. On the other hand, some applications are going for their first release ever or a release after a major code change.

Mitigating Cyber Threats With Continuous Monitoring

The supply chain for organizations has become increasingly susceptible to unplanned cybersecurity interruptions that negatively impact revenue, inventory, and consumer confidence. As a result, there has been an increasing focus on understanding how critical services are delivered, the reliance on third parties and fourth parties, and key risk controls that can be implemented to mitigate the risk of cyber security incidents.

Signs Your Cyber Loss Control Isn't Working

Most cyber insurance policies include a form of value-added service meant to help policyholders avoid cyber incidents. These services create differentiation in the market for insurers and help the bottom line. In fact, a recent survey of cyber insurers found that risk engineering services are a bigger driver of profitability than underwriting accuracy. Yet, we know that the dynamic nature of cyber risk has insurers struggling to keep up and new approaches to evaluating that risk are needed.

Themes, Insights, And Leadership Perspectives From The RSA Conference

SecurityScorecard joined U.S. cybersecurity leaders and the cybersecurity community at the 2022 RSA Conference in San Francisco, California from June 5-9. The RSA Conference is one of the world’s leading cybersecurity events, and SecurityScorecard was proud to join our community in person at San Francisco’s Moscone Center.