Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Any seasoned vendor risk manager will tell you that determining whether a particular third party’s cybersecurity is up to your standards—and deciding how much risk to assume through your relations with your vendors—is not a simple task....
Over the past couple of weeks, a major issue has surfaced affecting numerous companies that use MongoDB to store their data. Those who install MongoDB on a server and use default settings are exposing their data to the internet and...
Anyone in the security space can agree that a solid cybersecurity policy goes a long way. But not everyone in your organization is a security expert. In fact, many employees may not know the first thing about firewalls or viruses—which...
On February 12, 2013, President Barack Obama issued Executive Order 13636, “Improving Critical Infrastructure Cybersecurity,” which called for collaboration between government and the private sector to create a set of standards for...
In the world of risk management, risk is commonly defined as threat times vulnerability times consequence. The objective of risk management is to mitigate vulnerabilities to threats and the...
