Security News

Arlington, Va.-based data privacy management company WireWheel on Wednesday announced that it raised $20 million in a Series B funding round. WireWheel has developed a SaaS privacy platform that can be used by organizations of all sizes.

Despite all of this, less than 20% of 2020 security budgets were spent on Insider Risk - and more than half of organizations don't have a formal Insider Risk response plan in place. Forrester predicts that 1 in 3 data breaches in 2021 will stem from insiders, and the Code42 2021 DER found that 6 out of 10 IT security leaders believe insider threats will increase, or increase significantly, over the next two years.

Survey respondents were asked to rate 36 macroeconomic, strategic and operational risks, including new risks that emerged this year related to the pandemic and social justice. "More than ever, 2020 demonstrated that organizations can no longer afford a reactive approach to risk management. Pandemic risk loomed on the horizon for a long time - it was a matter of 'when,' not 'if,'" said Jim DeLoach, a Protiviti managing director.

Your company's vendor management program may not be what you need to get the most out of your cybersecurity vendors, so I'll focus on a Cyber Vendor Optimization Strategy. Depending on which vendor you're dealing with, what you share about your challenges and how you leverage the vendor could be completely different things.

Entrust announced that it has partnered with Sysmosoft to provide a comprehensive solution for digital signature management. Under the agreement, the Sysmosoft document signing workflow is available as an add-on to Entrust digital signing solutions.

When Google Chrome 90 arrives in April, visitors to websites that depend on TLS server authentication certificates from AC Camerfirma SA, a digital certificate authority based in Madrid, Spain, will find that those sites no longer present the secure lock icon. Mozilla, maker of Chrome rival Firefox, has been trying to decide whether Camerfirma's history of questionable certificate management practices - documented in a lengthy list - warrants banishing the Spanish company's certificates from its Root Store - the set of certificates Firefox recognizes as trustworthy by default.

Asset and wealth management companies play an important role in handling finances and investments for different clients throughout the world. A report released Thursday by digital risk company Digital Shadows examines why and how AWM companies are vulnerable to cyberattack and how they can defend themselves.

So how do we solve this problem? It begins with a better vulnerability management system, a refocused commitment to cloud application security best practices and a realignment of our current security posture with the specific requirements of the cloud. Vulnerability assessments are conducted periodically to evaluate the existing security posture and help inform any necessary changes to the vulnerability management action plan.

Find out what your company could risk by not getting cybersecurity audits. Steven Wertheim, president of SonMax Consultants, in his CPA Journal article Auditing for Cybersecurity Risk makes a strong case that auditing should be a part of every cybersecurity defense program.

Risk management is more than recovery from a cyberattack. Another equally important function of risk management is that it can be considered a proactive methodology used to identify risks in an organization's cybersecurity framework.