Security News

57% of respondents stated that remote work has increased the complexity and scale of patch management. A patch for the vulnerability exploited by the ransomware had existed for several months before the initial attack, yet many organizations failed to implement it.

Vulnerability scanners are not enough, according to an expert who champions an all-encompassing holistic approach to vulnerability management as a means to eliminate surprises. If that's not bad enough, there is confusion surrounding managing vulnerabilities, with most organizations depending on vulnerability scanners and some kind of policy as to when to update or patch the software/hardware.

Effective management of fraud has long been a vital capability within organizations, and for good reasons. According to the Association of Certified Fraud Examiners' 2020 global study on occupational fraud and abuse, companies lose an estimated five percent of revenue per year due to fraud.

The purchase of Singular Key will add to Ping's identity and access management service with a no-code method of creating workflows for identity verification for enterprises. A new acquisition unveiled by identity management firm Ping Identity may be of interest to any business grappling with this challenge.

Cybersecurity frameworks such as ISO 27001, the international framework that defines best practices for an information security management system, can help organizations tackle business risk and enhance overall cyber-defense. In addition to ISO 27001, there are several other frameworks to consider, including the National Institute of Standards and Technology Cybersecurity Framework, which offers in-depth support to help enterprises identify the necessary actions to address and decrease risk.

To select a suitable data privacy management solution for your business, you need to think about a variety of factors. Modern data governance and privacy isn't just about documentation and compliance, done well it empowers teams with consistent, trusted data and delivers measurable value for the entire organization.

The seventh annual State of the Software Supply Chain Report from Sonatype found that developers think software management practices are in much better shape than what conditions on the ground indicate. The analysis found that the majority of respondents use an ad hoc approach to software supply chain management for most parts of the process, except for remediation and inventory.

According to the research, almost all of the IT and security leaders surveyed reported that their organizations are likely to start taking the steps needed to overcome these issues by enhancing their machine identity management approach, but these leaders also expect to face challenges. According to Gartner, "Digital transformation has led to an explosion in the number of machines - such as workloads, code, applications and containers - that need to identify themselves and communicate with each other. As a result, several technology providers have built tools that can help clients discover and manage machine identities across hybrid and multicloud environments. Managing machine identities has become critical, as nonhuman entities are now at the leading edge of digital transformation."

Investment in technology and data infrastructure sit at the top of asset managers' priorities as they position themselves to deliver business growth in the recovery from the COVID-19 pandemic. 56% say their investment will focus on these areas over the next 12 months and for 47% on ensuring ESG compliance across their product range.

Modern vulnerability management programs require a strategy that defines what success means for your organization's cybersecurity goals. With the changing work norms ushered in by the pandemic, endpoints have become an easy exploit target, and your vulnerability management program should give equal importance to managing both network and endpoint vulnerabilities.