Security News

Bridging the “front and back of the house”: A lesson in risk management
2022-01-06 05:30

Between cloud proliferation, new tech infrastructure and tools and an increasingly distributed workforce, organizations are struggling to implement proper risk management practices. They often ignore one of the most important components of a solid risk management strategy: efficient communication between the "Front and back of the house."

Extracting value from the interconnected network of risk management
2021-12-09 07:00

The network presents our best opportunity to understand the interactions which link our application of risk management strategy. Step 2: Create a library of activities and associate it with every risk management initiative that touches the in-scope resources.

Railway cyber risk management: Raising awareness on relevant threats
2021-12-02 04:30

ENISA has announced the release of its report - Railway Cybersecurity - Good Practices in Cyber Risk Management for railway organizations. European railway undertakings and infrastructure managers need to address cyber risks in a systematic way as part of their risk management processes.

How to handle third-party security risk management
2021-11-19 06:00

In this Help Net Security interview, Demi Ben-Ari, CTO at Panorays, talks about third-party security risk management and the repercussions of a third-party breach. Why is third-party security risk management so important?

Break into the cybersecurity field by learning the NIST risk management framework
2021-11-04 10:02

Cybersecurity is a lucrative field, and you don't have to spend years learning all the various aspects of it. If you are an advanced IT professional, you can actually break into it with very specialized training, such as the NIST Cybersecurity & Risk Management Frameworks course.

Proven third-party risk management strategies
2021-11-03 06:30

As cyber threats continue to plague enterprises and the third-party partners and suppliers they work with, organizations that have prioritized the development of a robust third-party cyber risk management program are experiencing success. That's why it's more important than ever for companies to integrate third-party cybersecurity risk management into their security strategies.

Microsoft 365 will get enhanced insider risk management tools
2021-10-20 13:30

Microsoft is updating Microsoft 365 to allow admins to better manage insider security threats in their environments with improvements to risky activity detection and visibility. Insider Risk Management enables Microsoft 365 cloud services platform customers to detect, investigate, and remediate insider security threats within their organizations across Office, Windows, Azure, and third-party apps like HR systems.

3 risk management priorities CIOs are focused on right now
2021-10-13 20:29

CIOs have had their hands full since the start of the pandemic with three risk management and governance priorities weighing heavily on their minds. CIOs are becoming more sharply focused on information security and risk management since the pandemic.

5 Tips for Achieving Better Cybersecurity Risk Management
2021-09-23 19:10

Cybersecurity frameworks such as ISO 27001, the international framework that defines best practices for an information security management system, can help organizations tackle business risk and enhance overall cyber-defense. In addition to ISO 27001, there are several other frameworks to consider, including the National Institute of Standards and Technology Cybersecurity Framework, which offers in-depth support to help enterprises identify the necessary actions to address and decrease risk.

Navigating Vendor Risk Management as IT Professionals
2021-08-23 07:09

Let's look at navigating vendor risk management as IT professionals and see how businesses can accomplish this in a highly complex cybersecurity world. To meet the cybersecurity challenges in working with third-party vendors, organizations must focus on vendor risk management.