Security News

What Is Identity and Access Management (IAM)?
2024-02-23 14:05

Identity and Access Management is all about establishing the identity of a user and verifying that the user has the right to access certain applications and types of information. According to Gartner's definition, "Identity and Access Management is a security and business discipline that includes multiple technologies and business processes to help the right people or machines to access the right assets at the right time for the right reasons, while keeping unauthorized access and fraud at bay."

Combined Security Practices Changing the Game for Risk Management
2024-02-05 13:19

A significant challenge within cyber security at present is that there are a lot of risk management platforms available in the market, but only some deal with cyber risks in a very good way. The...

Why the Right Metrics Matter When it Comes to Vulnerability Management
2024-02-01 11:40

How’s your vulnerability management program doing? Is it effective? A success? Let’s be honest, without the right metrics or analytics, how can you tell how well you’re doing, progressing, or if...

Proactive cybersecurity: A strategic approach to cost efficiency and crisis management
2024-01-31 05:30

We examine the benefits of adopting a proactive cybersecurity approach, particularly in terms of cost efficiency and crisis management, and explore the impact of offensive security testing on compliance and zero-day response. A zero trust approach to cybersecurity has become the go-to model for many organizations because it embraces a framework that layers nicely across every possible threat vector.

Database management enters a new era of complexity
2024-01-31 04:00

"Catering for different use cases, adding flexibility and achieving cost savings are the driving factors behind the escalating pace of change toward a multi-platform database landscape," said David Gummer, Redgate CPO. "However, the sheer volume of platform choices, with respondents citing usage of 16 different database types, highlights why it's critical that IT teams are upskilled and have the right tools in place. It's clear that organizations are currently scrambling to keep up with increased complexity, the pressures of compliance and emerging technologies like AI and the cloud, and are seeking solutions to narrow the skills gap," added Gummer. Skill diversification is also cited as a top need by 31% when dealing with data management processes across multiple database types.

Third-party risk management best practices and why they matter
2024-01-29 05:50

With organizations increasingly relying on third-party vendors, upping the third-party risk management game has become imperative to prevent the fallout of third-party compromises. Why you must do TPRM. Third-party risk management offers numerous advantages for companies.

The effect of omission bias on vulnerability management
2024-01-24 06:30

One of these is the omission bias, which has interesting ramifications in the world of cyber security, specifically vulnerability management. In this article, we discuss omission bias in vulnerability management, particularly vulnerability remediation, and how IT operators can overcome it with today's new management platforms.

Ransomware negotiation: When cybersecurity meets crisis management
2024-01-18 05:00

He discusses ransomware gangs, the role of cyber insurance, and how governments and regulatory bodies are responding to the ransomware threat. In light of the increasing sophistication of ransomware attacks, can you discuss the dynamics of negotiating with ransomware gangs? How do these negotiations typically unfold, and what are the critical business considerations during these interactions?

Key elements for a successful cyber risk management strategy
2024-01-15 04:30

In this Help Net Security interview, Yoav Nathaniel, CEO at Silk Security, discusses the evolution of cyber risk management strategies and practices, uncovering common mistakes and highlighting key components for successful risk resolution. We hope to find the 'golden' indicator for which risk will eventually lead to a breach, but until that day, security teams need to holistically incorporate several layers of risk factors to determine business risk and drive justifiable communications.

Develop Valuable Security and Risk Management Skills for Just $30 Through 1/1
2023-12-29 10:00

With cyberthreats and cyberattacks always on the rise, developing security and risk management skills could be one of the best moves for your business or career. For either case, you can now develop information security skills with the help of The 2023 CISSP Security & Risk Management Training Bundle for just $29.97 through January 1.