CISA offers cybersecurity services to non-federal orgs in critical infrastructure sector

The Cybersecurity and Infrastructure Security Agency (CISA) has announced a pilot program that aims to offer cybersecurity services to critical infrastructure entities as they have become a common target in cyberattacks. “In alignment with CISA’s…

Only 9% of IT budgets are dedicated to security

Despite their best efforts, 67% of businesses say they need to improve security and compliance measures with 24% rating their organization’s security and compliance strategy as reactive, according to Vanta. The expansion of attack surfaces in a post-pa…

Internal audit leaders are wary of key tech investments

As the digital transformation of business accelerates, risk and internal audit leaders shift their focus to managing technology-driven risk, according to AuditBoard. The report reveals a growing gap between risk and assurance teams’ capacity to manage …

Cyber risk is business risk: Qualys Enterprise TruRisk Platform sets new industry standard

In this Help Net Security interview, Sumedh Thakar, President and CEO of Qualys explores the vision behind the Qualys Enterprise TruRisk Platform, a strategic move aimed at redefining how enterprises measure, communicate, and eliminate cyber risk. We d…

Australian CEOs Struggling to Face Cyber Risk Realities

Research has found 91% of CEOs view IT security as a technical function that’s the CIO or CISO’s problem, meaning IT leaders have more work to do to engage senior executives and boards.

CISOs and board members are finding a common language

86% of CISOs believe generative AI will alleviate skills gaps and talent shortages on the security team, filling labor-intensive and time-consuming security functions and freeing up security professionals to be more strategic, according to Splunk. 35% …

Companies rethinking degree requirements for entry-level cybersecurity jobs

While the threat landscape is evolving for most on the front lines, little has changed in recent years, according to ISACA. The research finds that of the cybersecurity professionals who said they were experiencing an increase or decrease in cybersecur…

Tackling cyber risks head-on using security questionnaires

In this Help Net Security interview, Gaspard de Lacroix-Vaubois, CEO at Skypher, talks about the implementation of security questionnaires and how they facilitate assessments and accountability across all participants in the technology supply chain, fo…

The pitfalls of neglecting security ownership at the design stage

For companies to avoid bleeding millions through cyber threats, they must build adaptability into their security strategy from the start while considering a range of inputs that go beyond the IT and network access aspects. In this Help Net Security int…

Balancing budget and system security: Approaches to risk tolerance

Data breaches are a dime a dozen. Although it’s easy to look at that statement negatively, the positive viewpoint is that, as a result, cybersecurity professionals have plenty of learning moments. Learning what went wrong and why can be a good sanity c…