Collaborate Disseminate
Medical practices remain vulnerable to cyberattacks, with over a third unable to cite a cybersecurity incident response plan, according to Software Advice. This gap exposes healthcare providers to risks of patient data breaches, HIPAA violations, finan… Continue reading 6 key elements for building a healthcare cybersecurity response plan
In this Help Net Security interview, Michael Daum, Head of Global Cyber Claims for Allianz Commercial, discusses the significant rise in cyber claims in 2024, driven by an increase in data breaches and ransomware attacks. Daum highlights the need for b… Continue reading The future of cyber insurance: Meeting the demand for non-attack coverage
Due to widely varying government, risk, and compliance (GRC) tool pricing, enterprise risk management (ERM) leaders must understand four different pricing-tier categories of GRC solutions and apply a scoping framework to further estimate likely costs a… Continue reading Unclear pricing for GRC tools creates market confusion
Friday’s massive internet outage, caused by a mid-sized tech company called CrowdStrike, disrupted major airlines, hospitals, and banks. Nearly 7,000 flights were canceled. It took down 911 systems and factories, courthouses, and television stations. Tallying the total cost will take time. The outage affected more than 8.5 million Windows computers, and the cost will surely be in the billions of dollars—easily matching the most costly previous cyberattacks, such as NotPetya.
The catastrophe is yet another reminder of how brittle global internet infrastructure is. It’s complex, deeply interconnected, and filled with single points of failure. As we experienced last week, a single problem in a small piece of software can take large swaths of the internet and global economy offline…
Continue reading The CrowdStrike Outage and Market-Driven Brittleness
OWASP dep-scan is an open-source security and risk assessment tool that leverages information on vulnerabilities, advisories, and licensing restrictions for project dependencies. It supports local repositories and container images as input sources, mak… Continue reading OWASP dep-scan: Open-source security and risk audit tool
In this Help Net Security video, Scott Small, Director of Cyber Threat Intelligence at Tidal Cyber, outlines the questions you need to ask your security team when tailoring a defense stack against your current threat landscape. Small talks about what w… Continue reading Key questions to ask when tailoring defensive stacks
In this Help Net Security interview, Roy Davis, Manager – Vulnerability Management & Bug Bounty at Zoom, discusses the role bug bounty programs play in identifying security vulnerabilities and facilitating collaboration with researchers. He … Continue reading How to optimize your bug bounty programs
Announced last year, Google’s proposal to reduce the lifespan of TLS (transport layer security) certificates from 13 months to 90 days could be implemented in the near future. It will certainly improve security and shrink the window of opportunity for … Continue reading How Google’s 90-day TLS certificate validity proposal will affect enterprises
Understanding risk is one thing, but how do you know if your organization has what it takes to withstand those risks being realized? Establishing cyber maturity can help determine resilience, where the strengths and weaknesses lie, and what needs to ha… Continue reading Why cyber maturity assessment should become standard practice
Last year was challenging for the global market, and the market downturn greatly affected even the historically resilient cybersecurity ecosystem. In this Help Net Security video, Merav Ben Avi, Content Manager at YL Ventures, talks about how the Israe… Continue reading A closer look at Israeli cybersecurity funding and M&A activity in 2023