Security News

Using AI and automation to manage human cyber risk
2023-12-07 05:00

Despite advanced security protocols, many cybersecurity incidents are still caused by employee actions. In this Help Net Security video, John Scott, Lead Cybersecurity Researcher at CultureAI, discusses how integrating AI and automation into your cybersecurity strategy can improve employee behaviors and reduce security incidents.

Cyber risk is business risk: Qualys Enterprise TruRisk Platform sets new industry standard
2023-11-13 07:19

In this Help Net Security interview, Sumedh Thakar, President and CEO of Qualys explores the vision behind the Qualys Enterprise TruRisk Platform, a strategic move aimed at redefining how enterprises measure, communicate, and eliminate cyber risk. We delve into how Qualys assists CISOs in the complex balancing act of managing critical issues under budget constraints, the financial implications of cyber risk, and the advanced capabilities of the TruRisk Platform in providing a unified view of enterprise risk.

Rethinking cyber risk: The case against spreadsheets
2023-11-10 05:00

In this Help Net Security video, Christina Hoefer, VP of Global Industrial Enterprise at Forescout, discusses why it is time for manufacturers/OT security leaders to "Toss the spreadsheet" regarding their traditional methods of tracking data for cyber risk assessments. She addresses the underlying challenge that traditional cyber risk assessments are laborious and perpetuates gaps in risk management because they lack a consolidated, up-to-date view across all connected assets and deeper insight into historical moments in time to manage risks proactively.

Australian CEOs Struggling to Face Cyber Risk Realities
2023-11-01 11:48

Fear and the more technical aspects of cybersecurity are still stopping Australian CEOs from engaging more deeply with cybersecurity risks, despite a string of high-profile cyberattacks that have hit Australian brands, including Optus and Medibank and millions of their customers. New research from consulting firm Accenture found that only one in five of Australian CEOs are currently dedicating board meetings to discussing cybersecurity issues, while 34% think cybersecurity isn't a strategic matter and requires episodic rather than ongoing attention.

A Primer on Cyber Risk Acceptance and What it Means to Your Business
2023-10-10 14:02

This article provides a guide to cyber risk acceptance and outlines the valuable role of continuous penetration testing in making informed risk acceptance decisions. The risk hasn't disappeared here; instead, another business takes on the task of mitigating the risk.

Tackling cyber risks head-on using security questionnaires
2023-10-04 04:30

In this Help Net Security interview, Gaspard de Lacroix-Vaubois, CEO at Skypher, talks about the implementation of security questionnaires and how they facilitate assessments and accountability across all participants in the technology supply chain, fostering trust and safeguarding sensitive data. Many organizations overlook the critical role of security questionnaires in risk assessment.

Managing human cyber risks matters now more than ever
2023-08-08 03:00

As artificial intelligence amplifies the sophistication and reach of phishing, vishing, and smishing attacks, understanding and managing human cyber risks has become increasingly vital, according to the SANS Institute. "The digital world is expanding rapidly, and with it, the human element of cybersecurity becomes ever more important as it evolves as a primary target for cyber threats globally," says Lance Spitzner, SANS Security Awareness Director.

Preparing health systems for cyber risks and insurance coverage
2023-06-28 04:30

Insurers, just like health systems themselves, need the full context of clinical operations to see the true impact. Better informed health systems with strong cybersecurity governance will pose a lower risk to insurers, creating greater opportunity for a more sustainable insurance market.

Quantifying cyber risk vital for business survival
2023-04-19 03:30

Healthcare, manufacturing, and utilities are suffering long-term financial impact of major cyber attacks, according to ThreatConnect. "With the National Cyber Strategy coming out of the White House focusing on decreasing cyber risk from critical infrastructure and the new SEC Cyber Proposals, organizations across industries are now being tasked with reporting on cyber risk," said Jerry Caponera, GM of Risk Quantification, ThreatConnect.

[eBook] A Step-by-Step Guide to Cyber Risk Assessment
2023-04-11 11:42

In today's perilous cyber risk landscape, CISOs and CIOs must defend their organizations against relentless cyber threats, including ransomware, phishing, attacks on infrastructure, supply chain breaches, malicious insiders, and much more. One of the most effective ways for CISOs and CIOs to make the best use of their limited resources to protect their organizations is by conducting a cyber risk assessment.