NEWS & INDUSTRY UPDATES

CISA says threat actors have exploited a recently patched BIG-IP vulnerability (CVE-2020-5902) in attacks aimed at government organizations and private businesses in the US.
The NSA and CISA have urged critical infrastructure operators in the United States to take measures to reduce the cyber exposure of industrial assets.
Chinese drone maker DJI has responded to the disclosure of security issues found in its Android app, which researchers compared to malware behavior.
CyCognito, a company that focuses on identifying and eliminating shadow risks in business environments, has closed a $30 million Series B funding round.
Data protection and privacy regulators from six countries around the world have sent a joint letter to video conferencing companies urging them to address security and privacy risks.
An open source tool helps companies determine if their SAP systems are vulnerable to RECON attacks and tells them if they may have already been targeted.
Polymer announces its official launch with a solution that automatically detects and redacts sensitive data shared in popular collaboration tools such as Slack, Zoom and GitHub.
Microsoft has unveiled new security capabilities for Microsoft 365 and Azure, along with a new Endpoint Data Loss Prevention solution.
Microsoft has revealed plans to move forward with the retirement of the TLS 1.0 and 1.1 protocols in Office 365, starting October 15, 2020.
Senior US Democrats have demanded an urgent intelligence briefing for lawmakers from the FBI over what they said was a concerted foreign campaign to spread disinformation to interfere in November's elections.

FEATURES, INSIGHTS // Risk Management

AJ Nash: Once we shed the shackles of “cyber” and “threat,” we free our teams to consider a full spectrum of intelligence, including support to physical security, insider threats, procurement, mergers and acquisitions, and executive decision-making.
Fred Kneip: While some forward-thinking companies have created C-suite positions for IT and security personnel such as CTOs and CISOs, these are, overall, still relatively rare.
Josh Lefkowitz: The successful execution of each step of the intelligence cycle relies on the successful execution of the step that came before it.
Fred Kneip: Third-party cyber risk management programs need to go beyond an initial scan and evaluate your third party’s security from the inside out.
Josh Lefkowitz: It’s crucial to recognize that annual security predictions generally only include that which can be feasibly predicted by the final months of the prior year.
Marie Hattar: The solution: every week, devote at least two hours to basic cyber hygiene. Four best practices will help your team build habit from repetition.
Joshua Goldfarb: Security metrics is a topic that, while challenging, is also important and at the top of the priority list for security organizations. Here are five tips for leveraging security metrics to keep your organization out of the lion’s den.
Craig Harber: As long as organizations continue to employ simplistic “set it and forget it” security approaches, they will be forced into playing reactive, catch-up defense against cyber attackers.
Fred Kneip: Employing a third party adds risk, especially if that company is given some level of access to network and computing resources, or is asked to handle and protect critical or proprietary information.
Marc Solomon: National Cybersecurity Awareness Month (NCSAM) is a great vehicle to raise awareness for cybersecurity and to remind every organization that the ability to improve security operations begins with contextual awareness.