Security News

The CISO’s guide to third-party security management
2022-01-05 03:30

Managing the security of your third parties is crucial, but security assessments are riddled with problems, including a lack of context, scalability and relevance. In this comprehensive guide, we provide the direction you need to make your organization's third-party security program efficient and scalable.

What is challenging cloud native policy management?
2021-12-29 04:00

Nirmata announced a report that features an analysis of the current cloud native policy management market adoption, including the technologies used and the challenges that organizations face. The survey highlights that nearly 50 percent of users in cloud native environments have adopted some level of policy management solution in their Kubernetes environment.

Security and vulnerability management market size to reach $20.1 billion by 2027
2021-12-24 04:00

The global security and vulnerability management market size is expected to reach $20.1 billion by 2027, rising at a market growth of 7.1% CAGR during the forecast period, according to ResearchAndMarkets. Growing adoption of IoT and cloud trends, high monetary losses due to the dearth of these solutions, integration of latest technologies like artificial intelligence & machine learning with security and vulnerability management solutions are indicative for the future growth of these solutions.

How Extended Security Posture Management Optimizes Your Security Stack
2021-12-14 03:09

Unrationalized security stacks are not only unnecessarily costly, but they also generate more false-positive calls, needlessly taxing security staff stamina and increasing the risk of missing a critical alert. This is at the core of what Extended Security Posture Management brings to the table.

Extracting value from the interconnected network of risk management
2021-12-09 07:00

The network presents our best opportunity to understand the interactions which link our application of risk management strategy. Step 2: Create a library of activities and associate it with every risk management initiative that touches the in-scope resources.

EU key management in 2022
2021-12-07 06:30

It was reported that the private key used to sign EU Digital Covid certificates was leaked and circulated on messaging apps and online data breach marketplaces. The key was misused to generate certificates for Adolf Hitler, Mickey Mouse, and Sponge Bob that were, for a short time, recognized as valid by official government apps.

The importance of vulnerability management for your organization
2021-12-02 07:00

For any organization that relies on continuous availability of their computer network for regular operations, vulnerability scans should be run at least monthly and even more frequently for organizations that collect and/or process personal or sensitive data. An important component in combating a potential attack is implementing vulnerability scanning to detect and classify network, application, and security vulnerabilities.

Railway cyber risk management: Raising awareness on relevant threats
2021-12-02 04:30

ENISA has announced the release of its report - Railway Cybersecurity - Good Practices in Cyber Risk Management for railway organizations. European railway undertakings and infrastructure managers need to address cyber risks in a systematic way as part of their risk management processes.

How to handle third-party security risk management
2021-11-19 06:00

In this Help Net Security interview, Demi Ben-Ari, CTO at Panorays, talks about third-party security risk management and the repercussions of a third-party breach. Why is third-party security risk management so important?

Fragmented approach to identity security management creates risk
2021-11-05 04:30

According to the Dimensional Research-conducted survey of 1,009 IT security professionals, identity sprawl is one critical obstacle to overcome as businesses seek to optimize their overall cybersecurity posture, with half of all companies reporting they use more than 25 different systems to manage access rights. A second challenge is the fragmented way most organizations address identity security.