Security News

Managing the security of your third parties is crucial, but security assessments are riddled with problems, including a lack of context, scalability and relevance. In this comprehensive guide, we provide the direction you need to make your organization's third-party security program efficient and scalable.

In this day and age of cyber risk and data privacy regulations, automated third-party questionnaires are a must. Organizations can no longer simply hire vendors without proof of a strong cyber posture, and a comprehensive questionnaire can demonstrate that vendors' internal security policies are up to par.

A comprehensive third-party security program can align your vendor's security with your internal security controls and risk appetite. The right third-party security management platform can be a smart way to get your program off the ground or automate the one you already have in place.

ThreatQuotient released the State of Cyber Security Automation Adoption in 2021, new research focused on understanding the importance, challenges and trends facing businesses and their CISOs when it comes to IT security systems automation. Recognised importance of IT security automation 77% of survey respondents stated IT security automation is important to senior security professionals.

The first 90 days for a new CISO are crucial in setting up their security team, so there is little time to waste, and much to accomplish. A new guide by XDR provider Cynet looks to give new and veteran CISOs a durable foundation to build a successful security organization.

Recently I was fortunate enough to facilitate a fireside chat with Arkadiy Goykhberg, CISO of news media and business services giant DMGT. The challenge: Enterprise Drift due to Ongoing Threats. Change in security posture grows daily as threat actors, whether financially motivated or nation-state actors, evolve their tactics, tools and Procedures.

Marlin Hawk released a research report which explores industry trends and insights of CISOs around the world, the challenges they face in a rapidly evolving cybersecurity landscape, as well as their role and place within organizations. It consists of research from CISOs at 400+ of the world's largest companies and direct feedback from Fortune 500 CISOs at organizations like Bank of America, Humana, TD Bank Group, Equifax, Credit Suisse, and BT Security.

Over the past year, CISOs have had to grapple with the challenges of bolstering the security posture, minimizing risks, and ensuring business continuity in the new normal. In this article, we have put together the top cybersecurity priorities for 2021 and beyond that will enable businesses to be fully equipped for future disruptions, without compromising on security.

"While third-party risk is not necessarily new, it is something that is often a blind spot as it's often not seen as a direct responsibility of CISOs and security teams," said Gene Yoo, CEO of Resecurity, Inc and former security executive at a major U.S. financial institution. "This blind spot is typically created when there's a lack of visibility into the actual state of the cybersecurity posture and security team of the third-party vendor. However, when an incident does occur, that is when it quickly becomes an issue as the organization itself will take the blame for the breach."

Microsoft confirms another Windows Print Spooler bug, offers workaroundA day after the August 2021 Patch Tuesday, Microsoft has released an out-of-band security advisory acknowledging the existence of yet another Print Spooler vulnerability. World Health Organization CISO suggests a holistic approach to cybersecurityIn this interview with Help Net Security, Flavio Aggio, CISO at the World Health Organization, talks about the modern threat landscape and offers tips for organizations that want to increase their security posture.