Risk Management

Risk Management | News, how-tos, features, reviews, and videos

Keep third-party risk on your radar: Piggybacked deer, giraffe and cat balance on a tightrope.
Feature

Managing vendor and supply chain risk in a recession

A hacker looks out over a city amid graphs of increasing trend lines and numerical rates.
Feature

Cybercrime in a recession: 10 things every CISO needs to know

network security concept
Feature

COVID-19 and tech: New collaboration tools mean new security risks

As the coronavirus forces companies to move their communication and file sharing onto collaboration platforms, be prepared for unintended consequences: New security threats will surface, requiring new methods of securing your...

virus specimen / world map / binary code
Feature

A security guide for pandemic planning: 7 key steps

Every security operation should be asking whether they are prepared for a pandemic in the wake of the coronavirus (COVID-19) outbreak. Start by focusing on these areas.

data analytics / risk assessment / tracking data or trends
Feature

Risk profiling gives PPD real-time view of vulnerabilities

How drug development company PPD built its own risk profiling tool to give all stakeholders a simpler, clear view of risk associated with every IT asset.

CSO slideshow - Insider Security Breaches - Futuristic car technology races along a binary highway
The Trusted and Valued Insider (Threat)By

Tesla insider with expired NDA spills the tech beans

A former Tesla engineer with an expired non-disclosure agreement (NDA) shared inside technical information on an obscure forum, which was quickly shared across multiple social media platforms.

businessman bridges gap
Adaptive SecurityBy

Do you know your gap?

Understanding risk exposure and security control inconsistencies is one of the most important aspects of a business’s security program. While this process may seem complicated at first glance, by following these steps, CISOs can more...

open door with sunlight shining through
Checks and BalancesBy

New strategic vision needed to thrive as a digital enterprise

Is digital transformation really a revival of classic laissez-faire economics?

futuer blast hyper drive matrix
Cybersecurity DecryptedBy

Digital resilience – a step up from cybersecurity

We are living in an increasingly digital world, but many organizations are still unaware of the extent to which they rely on digital technology and the risks that come with it. As we head towards a digitally dependent future, the need...

cyber terrorism dynamite explosion blow up binary detinate
News Analysis

Can cyber insurance cover acts of cyber terrorism?

Cyber insurance policies do not typically cover physical destruction or loss of life, but the UK government-backed reinsurer, Pool Re, announced this year it will cover acts of cyber officially deemed "terrorism" by Her Majesty's...

Abstract trend lines graphing change and transformation.
The Security LogBy

Redefining threat prediction

Security is hard. Some say once we can predict threats all will be better. Should we believe? Maybe. But security teams need to demystify the concept of “threat prediction” by addressing three common misunderstandings, and move their...

risk assessment gauge
Review

Kenna Security takes a data-driven approach to risk analysis

Risk from security threats is relative to each company. Kenna Security leverages company and public data to pinpoint the real risk for each customer.

risk assessment - safety analysis - security audit
Feature

How to perform a risk assessment: Rethinking the process

New regulations and a changing threat landscape mean you need a different approach to your security risk assessment process.

insurance policy
Feature

Does cyber insurance make us more (or less) secure?

Underwriting cyber risk remains more art than science, but in the absence of regulation, cyber insurance might still be the best hope for improving cybersecurity practices across the board — at least for now.

multiple-exposure image - a businessman, a team at a laptop, and data connections against a skyline
Notes on Cybersecurity from a Professor-preneurBy

Third-party risk: it’s the second hop you should fear

Third-party risk is a persistent fear for CISOs and risk compliance officers especially, with GDPR potentially piercing corporate non-disclosure agreements. Loss of sensitive data from a third party is often managed using protective...

risk assessment gauge
Security: From the Top to the TrenchesBy

The enterprise-wide appeal of Business Risk Intelligence

Use cases demonstrate the enterprise-wide appeal of Business Risk Intelligence (BRI).

medical heart rate monitor ekg hospital
Feature

5 tips to thwart medical device attacks

Medical devices can be an easy gateway for hackers to steal valuable information. This advice will lower the risk of that happening.

What it takes to become an information assurance analyst

This in-demand role calls for a rare combination of superior communication skills and security chops. Learn how one information assurance analyst landed his current job, the skills and training that helped him get there, and where his...

Fraud prevention: Improving internal controls

Internal fraud controls aren't fire-and-forget. Smart collaboration and ongoing improvement will help keep fraud in check. Here are the basics.

What it takes to become an IT security engineer

The role is a fairly new one in many companies, and qualified candidates are in high demand. Learn how one IT security engineer landed his current job, the skills and training that helped him get there, and where his sights are set...

Load More