Risk Management

How to Create a Vendor Risk Management Checklist

Jun 20, 2023 By Sabrina Pagnotta In BitSight

Vendor risk management is top of everyone’s mind considering recent headline grabbing supply chain attacks, such as SolarWinds. But as more vendors enter your digital supply chain, keeping up with vendor adoption is tough. According to Accenture, 79 percent of businesses are adopting technologies faster than they can address related security issues. For your organization to be truly protected against supply chain cyber risks, you must develop a robust vendor risk management (VRM) program.

Read Post

BitSight

Read more about How to Create a Vendor Risk Management Checklist

Verizon 2023 DBIR: The Missing Pieces you Need to Take Action

Jun 20, 2023 By Noah Stone In BitSight

Verizon’s much anticipated 2023 Data Breach Investigations Report (DBIR) has hit the market and we have the missing pieces you need to convert its findings into action. In this blog, we’ll break down.

Read Post

BitSight

Read more about Verizon 2023 DBIR: The Missing Pieces you Need to Take Action

Evidence-Based Strategies to Lower Your Risk of Becoming a Ransomware Victim

Jun 20, 2023 By Rachel Holmes In BitSight

The ransomware trend continues to run rampant. One in four breaches involve ransomware, and organized crime actors use ransomware in more than 62 percent of incidents. Cyber criminals are taking advantage of these new opportunities to exploit a greatly expanded attack surface: But ransomware is only one small piece that a security leaders has to manage. The threat of ransomware is compounded by a distributed workforce, trends toward technology consolidation, geopolitical upheaval, and budget constraints.

Read Post

BitSight

Read more about Evidence-Based Strategies to Lower Your Risk of Becoming a Ransomware Victim

Managing Cyber Risk in the Insurance Supply Chain

Jun 20, 2023 By SecurityScorecard In SecurityScorecard

This week in London, SecurityScorecard hosted a roundtable discussion on cyber risk in the insurance supply chain. Keynote speaker Santosh Pandit, head of Cybersecurity at the Bank of England, shared his insights with 20 London-based insurers on managing cyber risk in the financial sector and the latest regulatory initiatives that may impact the insurance industry.

Read Post

SecurityScorecard

Read more about Managing Cyber Risk in the Insurance Supply Chain

SecurityScorecard Identifies Infrastructure Linked to Widespread MOVEit Vulnerability Exploitation

Jun 20, 2023 By SecurityScorecard In SecurityScorecard

New disclosures regarding the widespread exploitation of CVE-2023-34362, a new vulnerability affecting the MOVEit file transfer software, and the Cl0p ransomware group’s claim of responsibility for its widespread exploitation and the resulting data theft, have continued in the weeks since the vulnerability’s original publication.

Read Post

SecurityScorecard

Read more about SecurityScorecard Identifies Infrastructure Linked to Widespread MOVEit Vulnerability Exploitation

3 Steps to Bridge Cyber Risk Communication Gaps

Jun 20, 2023 By RiskOptics In RiskOptics

Effective communication is at the heart of any successful organization. It ensures that information is clearly conveyed, understood and acted on. But sometimes, despite our best intentions, there can be a gap between what we say and what the other person hears. The result? Confusion, misunderstandings and missed opportunities. When it comes to talking about cyber risk, you can bridge this communication gap by translating technical, information security data into the language of business impact.

Read Post

RiskOptics

Read more about 3 Steps to Bridge Cyber Risk Communication Gaps

Debunking the Misconception That CRQ Requires a Lot of Data Collection

Jun 19, 2023 By Kovrr In Kovrr

Cyber risk quantification (CRQ) can be an invaluable tool. The ability to put a number to cyber risk aids in communicating with board members, planning strategic investments, calculating the return on investment of cybersecurity spending, and right-sizing cybersecurity insurance coverage. However, many organizations avoid taking advantage of CRQ due to some common misconceptions.

Read Post

Kovrr

Read more about Debunking the Misconception That CRQ Requires a Lot of Data Collection

Risk Control & Risk Management: What's the Difference?

Jun 16, 2023 By RiskOptics In RiskOptics

Risk control and risk management are two essential parts of any organization’s efforts to manage risk. Understanding the difference between the two is critical to identify vulnerabilities, monitor risks, and make informed decisions on managing risk effectively. In this article we’ll explore those distinctions between risk control and risk management, and provide five tactics for mastering organizational risk management.

Read Post

RiskOptics

Read more about Risk Control & Risk Management: What's the Difference?

A Guide to Handling the MOVEit Attack

Jun 15, 2023 By Anirban Banerjee In Riscosity

Last week, a vulnerability in the popular MOVEit managed file transfer service was exploited by the CL0P ransomware gang to execute data breaches – an increasingly common cybersecurity attack technique where popular software is exploited to target, by extension, their users. Victims of this hack include British Airways, Boots, BBC, and multiple US government agencies.

Read Post

Riscosity

Read more about A Guide to Handling the MOVEit Attack

The CyberShield Event | Safeguarding The Digital Landscape

Jun 15, 2023 By Obrela In Obrela

Obrela's inaugural event in KSA about Cybersecurity. A line up of international speakers and honoured guest were present to discuss intriguing topics. Our CEO, George Patsis, commenced the presentations by addressing the prevailing challenges in CyberDefense and highlighting the emergence of the new Cyber Risk Landscape. Furthermore, we delved into an in-depth discussion regarding the significance of adhering to Cyber Assurance standards, the advancements in Modern Threat Intelligence Centers, the utilization of AI to strengthen CyberDefense capabilities, and the intricate relationship between Cyber Criminals and Nations.

View Video