Security News

ENISA has announced the release of its report - Railway Cybersecurity - Good Practices in Cyber Risk Management for railway organizations. European railway undertakings and infrastructure managers need to address cyber risks in a systematic way as part of their risk management processes.

In this Help Net Security interview, Demi Ben-Ari, CTO at Panorays, talks about third-party security risk management and the repercussions of a third-party breach. Why is third-party security risk management so important?

Cybersecurity is a lucrative field, and you don't have to spend years learning all the various aspects of it. If you are an advanced IT professional, you can actually break into it with very specialized training, such as the NIST Cybersecurity & Risk Management Frameworks course.

As cyber threats continue to plague enterprises and the third-party partners and suppliers they work with, organizations that have prioritized the development of a robust third-party cyber risk management program are experiencing success. That's why it's more important than ever for companies to integrate third-party cybersecurity risk management into their security strategies.

Microsoft is updating Microsoft 365 to allow admins to better manage insider security threats in their environments with improvements to risky activity detection and visibility. Insider Risk Management enables Microsoft 365 cloud services platform customers to detect, investigate, and remediate insider security threats within their organizations across Office, Windows, Azure, and third-party apps like HR systems.

CIOs have had their hands full since the start of the pandemic with three risk management and governance priorities weighing heavily on their minds. CIOs are becoming more sharply focused on information security and risk management since the pandemic.

Cybersecurity frameworks such as ISO 27001, the international framework that defines best practices for an information security management system, can help organizations tackle business risk and enhance overall cyber-defense. In addition to ISO 27001, there are several other frameworks to consider, including the National Institute of Standards and Technology Cybersecurity Framework, which offers in-depth support to help enterprises identify the necessary actions to address and decrease risk.

Let's look at navigating vendor risk management as IT professionals and see how businesses can accomplish this in a highly complex cybersecurity world. To meet the cybersecurity challenges in working with third-party vendors, organizations must focus on vendor risk management.

Let's look at navigating vendor risk management as IT professionals and see how businesses can accomplish this in a highly complex cybersecurity world. To meet the cybersecurity challenges in working with third-party vendors, organizations must focus on vendor risk management.

TechRepublic's Karen Roby interviews Brandon Vigliarolo about how the ransomware risk management calculus is changing for OT, ICS and critical infrastructure.