%term

Who Buys Insider Risk Management? A Business Case Across Roles

Jun 18, 2025 By Veriato Team In Veriato

A staggering 74% of cybersecurity incidents originate from within, and when looking at insider risk, 82% of incidents result from unintentional actions by well-meaning employees. More people are working from home, bringing their own devices, and connecting globally, which is widening the threat landscape. Attackers are more advanced, as they utilize AI and other technology to make their phishing and hacking attempts more sophisticated.

Read Post

Veriato

Read more about Who Buys Insider Risk Management? A Business Case Across Roles

3 Important Ways Attack Surface Management Must Evolve

Jun 17, 2025 By Gabi Reish In BitSight

For the second time in a row, Bitsight has been named an Overall Leader in the KuppingerCole Leadership Compass for Attack Surface Management (ASM)—and it’s not just a title. The report offers a deep dive into how organizations are using ASM to get ahead of cyber threats by proactively managing their digital risk.

Read Post

BitSight

Read more about 3 Important Ways Attack Surface Management Must Evolve

Asana Discloses Data Exposure Bug in MCP Server

Jun 16, 2025 By Greg Pollock In UpGuard

On June 4, Asana identified a bug in its Model Context Protocol (MCP) server and took the server offline to investigate. While the incident was not the result of an external attack, the bug could have exposed data belonging to Asana MCP users to users in other accounts.

Read Post

UpGuard

Read more about Asana Discloses Data Exposure Bug in MCP Server

What Is Cyber Risk

Jun 16, 2025 By Daniel Ghillione In LevelBlue

Did you know that it is estimated that 45% of organizations worldwide will have suffered attacks on their software supply chains this year? Cyber risk is real, and its consequences can be devastating. As digital transformation continues to reshape how businesses operate globally, cyber threats are increasing at a rapid and alarming pace. The term cyber risk refers to the damage posed by these cyber threats.

Read Post

LevelBlue

Read more about What Is Cyber Risk

Checkups and Checklists: Cyber Risk Isn't Just a Technical Problem

Jun 13, 2025 By James McQuiggan In KnowBe4

There are many things in our lives we must prepare for to be ready. For other things, we wing it, or we're not prepared to deal with it at the moment. For me, I've reached that point in my life where I needed to have a medical procedure done, and it was something I've put off for several years. It may not be very comfortable to admit, but last week, I had a colonoscopy. That's not exactly how you'd expect a cybersecurity blog to start, but hear me out on this one!

Read Post

KnowBe4

Read more about Checkups and Checklists: Cyber Risk Isn't Just a Technical Problem

Shadow AI: Examples, Risks, and 8 Ways to Mitigate Them

Jun 13, 2025 By Mend.io Communications In Mend

Shadow AI refers to the unauthorized or unmanaged use of AI tools, models, frameworks, APIs or platforms within an organization, operating outside established governance frameworks. While employees may adopt these AI tools with good intentions, seeking to enhance productivity or solve problems more efficiently, the lack of oversight creates significant security, compliance, and operational risks.

Read Post

Mend

Read more about Shadow AI: Examples, Risks, and 8 Ways to Mitigate Them

Veracode: Application Risk Management for today's AI-driven world

Jun 13, 2025 By VERACODE In Veracode

Discover Veracode, the comprehensive application risk management platform designed for today's AI-driven world. This video provides an overview of how Veracode empowers organizations to build and deploy secure software by offering unified visibility, AI-driven prioritization, and integrated tools for detecting and remediating vulnerabilities. Learn about Veracode's key capabilities, including static analysis (SAST), dynamic analysis (DAST), software composition analysis (SCA), and risk management.

View Video

Veracode

Read more about Veracode: Application Risk Management for today's AI-driven world

TPCRM Framework: Building Digital Trust for Modern Enterprises

Jun 13, 2025 By Edward Kost In UpGuard

Third-party cyber risk management (TPCRM) has emerged as a critical discipline, moving beyond traditional approaches to address the unique and evolving cyber threats posed by vendor relationships. This post explains the core tenets of TPCRM, outlines key requirements for ideal tools, and suggests implementation strategies for this new, important branch of cybersecurity.

Read Post

UpGuard

Read more about TPCRM Framework: Building Digital Trust for Modern Enterprises

ISO 27001 Risk Register Setup: Step-by-Step Guide

Jun 13, 2025 By Max Aulakh In Ignyte

While we talk a lot on this site about the US Government’s various cybersecurity frameworks, like FedRAMP and CMMC, there’s one significant framework that deserves just as much attention: ISO 27001. ISO 27001, being an ISO standard, is an international framework for cybersecurity divorced from any one country’s government.

Read Post

Ignyte

Read more about ISO 27001 Risk Register Setup: Step-by-Step Guide

Bitsight AI Empowers Microsoft's New Threat Intelligence Briefing Agent

Jun 12, 2025 By Yaniv Cherfas In BitSight

Threat Intelligence (TI) has become the secret weapon of modern security teams—essential for identifying possible emerging threats before they escalate. But TI is only as valuable as its accuracy, relevancy, and timeliness. Unfortunately, many traditional TI approaches can no longer keep up, as security teams are plagued with information overload: too many signals, too little context, and limited resources to process everything. This is why the coupling of GenAI and TI is a game changer.

Read Post