Risk Management

Risk Mitigation for Organizations: The Complete Guide

Dec 20, 2023 By Laiba Siddiqui In Splunk

Running a business involves taking calculated risks — but unexpected events can have devastating consequences. Risk mitigation is a process that helps companies identify potential risks and take proactive measures to mitigate them. In this blog, we'll explore the importance of risk mitigation and how businesses can protect their assets, reputation, and financial stability.

Read Post

Splunk

Read more about Risk Mitigation for Organizations: The Complete Guide

An Analysis of Menorah Malware

Dec 20, 2023 By SecurityScorecard In SecurityScorecard

SecurityScorecard is analyzing a phishing campaign that deployed the Menorah malware, which is taking aim at users in the Middle East. This sophisticated campaign is being mounted by the threat actor group tracked as APT34, which is linked to Iran. This group is known for its focus on collecting sensitive intelligence and taking on high-profile targets across the Middle East including critical infrastructure and telecommunications entities.

Read Post

SecurityScorecard

Read more about An Analysis of Menorah Malware

Navigating the 2024 Cybersecurity Conference Maze

Dec 20, 2023 By SecurityScorecard In SecurityScorecard

As the digital landscape evolves, so too must the professionals who safeguard it. Cybersecurity conferences are invaluable when it comes to networking, learning, and staying ahead of the ever-evolving threats. Whether you’re a seasoned cybersecurity professional or a newcomer to the field, attending these conferences can be a transformative experience.

Read Post

SecurityScorecard

Read more about Navigating the 2024 Cybersecurity Conference Maze

Blockchain Security

Dec 20, 2023 By SecurityScorecard In SecurityScorecard

The blockchain has emerged as a revolutionary technology with the potential to redefine how data is managed, stored, and shared. While initially associated with cryptocurrencies like Bitcoin, the blockchain’s applications extend far beyond finance, impacting industries ranging from healthcare to supply chain management. One of the blockchain’s key promises lies in ensuring data consistency, transparency, and privacy, critical elements in an interconnected and data-driven world.

Read Post

SecurityScorecard

Read more about Blockchain Security

Mapping COBIT to COSO

Dec 20, 2023 By RiskOptics In RiskOptics

The Sarbanes-Oxley Act (SOX) requires publicly traded companies to declare and adopt a framework that the business will use to “define and assess internal controls.” In response, most publicly traded companies have adopted one of two frameworks that meet the SOX requirements: the Committee of Sponsoring Organizations (COSO) internal control framework and the IT Governance Institute’s Control Objectives for Information and Related Technology (COBIT).

Read Post

RiskOptics

Read more about Mapping COBIT to COSO

Release Spotlight: Qualys PCS

Dec 20, 2023 By Gil Azaria In Nucleus

In the culinary world, the adage “too many cooks spoil the broth” warns of the chaos and disarray that can arise from too many opinions and actions in the kitchen. However, this concept takes an intriguing twist in the realm of cybersecurity.

Read Post

Nucleus

Read more about Release Spotlight: Qualys PCS

How to Operationalize Vulnerability Threat Intelligence

Dec 20, 2023 By Nucleus In Nucleus

With so many vulnerabilities to address and potential threats looming, how can organizations prioritize and respond effectively? Enter Vulnerability Threat Intelligence (VTI). This knowledge not only aids in pinpointing vulnerabilities but also shapes strategies for risk acceptance and rapid responses to zero-day threats. Join our webinar where Patrick Garrity from Nucleus Security, Caleb Hoch from Google, and Jared Semrau from Mandiant, uncover how to effectively leverage vulnerability threat intelligence (VTI).

View Video

Nucleus

Read more about How to Operationalize Vulnerability Threat Intelligence

The Ins and Outs of Application Security Policy

Dec 19, 2023 By Anirban Banerjee In Riscosity

A policy, by definition, is a statement of management intent that is mandatory for an organization. A security policy, obviously, focuses on the security of information assets.

Read Post

Riscosity

Read more about The Ins and Outs of Application Security Policy

The New Normal For Cybersecurity Practitioners

Dec 19, 2023 By SecurityScorecard In SecurityScorecard

Former UBER CSO Joe Sullivan joined SecurityScorecard CEO Aleksandr Yampolskiy to discuss pressing topics on the mind of every CISO. Are we on the verge of entering the "Golden Era" of cybersecurity? SecurityScorecard is the global leader in cybersecurity ratings and the only service with over 12 million companies continuously rated. The company is headquartered in New York and operates in 64 countries around the globe.

View Video

SecurityScorecard

Read more about The New Normal For Cybersecurity Practitioners

Applying the Churchill Knowledge Audit to Cybersecurity

Dec 19, 2023 By SecurityScorecard In SecurityScorecard

When FedEx founder Fred Smith attended Yale in the mid-1960s, he wrote an economics paper describing the concept of overnight delivery of packages by air. His professor infamously gave him a “C” grade because he viewed it as implausible. But Smith knew something his professor didn’t—and it was an idea that would change the way the business world worked forever. I bring this story up for two reasons. For one thing, I worked for FedEx and learned a lot from my time there.

Read Post