Collaborate Disseminate
In this Help Net Security interview, Charles d’Hondt, Head of Operations, Ambionics Security, talks about the necessity of implementing continuous penetration testing because yearly ones are not enough. They leave blind spots and cannot match the… Continue reading Unmasking the limitations of yearly penetration tests
In this Help Net Security interview, Gaspard de Lacroix-Vaubois, CEO at Skypher, talks about the implementation of security questionnaires and how they facilitate assessments and accountability across all participants in the technology supply chain, fo… Continue reading Tackling cyber risks head-on using security questionnaires
While H1 2023 saw an encouraging decrease in the overall number of data breaches impacting healthcare organizations, it was overshadowed by large-scale breaches resulting in a significant increase in the number of individuals affected, which reached re… Continue reading Large-scale breaches overshadow decline in number of healthcare data incidents
In this Help Net Security video, Kaus Phaltankar, CEO at Caveonix, discusses how the recent approval of the FedRAMP Rev. 5 Baselines is a significant step forward in the cloud security and compliance domain. The implications for CSPs and third-party as… Continue reading What to know about FedRAMP Rev. 5 Baselines
The US Securities and Exchange Commission adopted final rules around the disclosure of cybersecurity incidents. There are two basic rules:
The rules go into effect this December.
In an email newsletter, Melissa Hathaway wrote:…
Continue reading New SEC Rules around Cybersecurity Incident Disclosures
U.S. enterprises are responding to growing cybersecurity threats by working to make the best use of tools and services to ensure business resilience, according to ISG. Enterprises face growing cybersecurity threats The report for the U.S. finds that th… Continue reading CISOs are making cybersecurity a business problem
Verizon’s recently released 2023 Data Breach Investigation Report (DBIR) provides organizations with a comprehensive analysis of the evolving threat landscape and valuable insights into incident types and vulnerabilities. This year, the report in… Continue reading The significance of CIS Control mapping in the 2023 Verizon DBIR
Earlier this week, I signed on to a short group statement, coordinated by the Center for AI Safety:
Mitigating the risk of extinction from AI should be a global priority alongside other societal-scale risks such as pandemics and nuclear war.
The press coverage has been extensive, and surprising to me. The New York Times headline is “A.I. Poses ‘Risk of Extinction,’ Industry Leaders Warn.” BBC: “Artificial intelligence could lead to extinction, experts warn.” Other headlines are similar.
I actually don’t think that AI poses a risk to human extinction. I think it poses a similar risk to pandemics and nuclear war—which is to say, a risk worth taking seriously, but not something to panic over. Which is what I thought the statement said…
Google has made available a new tool for Google Workspace admins and security teams to make an assessment of the risk different Chrome extensions may present to their users: Spin.AI App Risk Assessment. The tool is available through the Chrome Browser … Continue reading Google adds new risk assessment tool for Chrome extensions
More than ever, organizations are relying on third parties to streamline operations, scale their business, expand and leverage expertise, and reduce costs. In the complex and fast-moving world of cybersecurity-meets-regulations, working with third part… Continue reading A third-party’s perspective on third-party InfoSec risk management