Insider risk management needs a human strategy 2025-05-14 at 08:01 By Mirko Zorz Insider risk is not just about bad actors. Most of the time, it’s about mistakes. Someone sends a sensitive file to the wrong address, or uploads a document to their personal cloud to work from home. In many cases, there is no […]
React to this headline:
Insider risk management needs a human strategy Read More »
Breaking down silos in cybersecurity 2025-05-13 at 08:34 By Help Net Security All organizations erect silos – silos between groups and departments, across functions and among technologies. Silos represent differences in practices, culture and operations. Their presence inhibits communication and collaboration. As companies scale from startup to mid-sized and beyond, silos multiply and ossify. As
React to this headline:
Breaking down silos in cybersecurity Read More »
Half of red flags in third-party deals never reach compliance teams 2025-05-02 at 07:32 By Help Net Security Third-party risk management (TPRM) is compromised in many organizations because those holding the relationship with the third-party (relationship owners) don’t escalate red flags to compliance teams reliably, according to Gartner. The post Half of red flags in
React to this headline:
Half of red flags in third-party deals never reach compliance teams Read More »
Tech Giants Propose Standard For End-of-Life Security Disclosures 2025-04-30 at 18:50 By Ryan Naraine The OpenEoX model proposes a shared data format that can be integrated into SBOMs, security advisories, and other ecosystem tools. The post Tech Giants Propose Standard For End-of-Life Security Disclosures appeared first on SecurityWeek. This article is an excerpt from SecurityWeek
React to this headline:
Tech Giants Propose Standard For End-of-Life Security Disclosures Read More »
How do You Know if You’re Ready for a Red Team Partnership? 2025-04-29 at 19:23 By Trevin Edgeworth Before engaging in a full-scope exercise, it’s important to assess whether your program, people and processes are truly ready. The post How do You Know if You’re Ready for a Red Team Partnership? appeared first on SecurityWeek.
React to this headline:
How do You Know if You’re Ready for a Red Team Partnership? Read More »
Inside the Verizon 2025 DBIR: Five Trends That Signal a Shift in the Cyber Threat Economy 2025-04-25 at 15:53 By Danelle Au With over 12,000 breaches analyzed, this year’s DBIR reveals a landscape shaped by not just individual threats, but by entire economies of compromise. The post Inside the Verizon 2025 DBIR: Five Trends That
React to this headline:
Transforming cybersecurity into a strategic business enabler 2025-04-09 at 08:20 By Mirko Zorz In this Help Net Security interview, Kevin Serafin, CISO at Ecolab, discusses aligning security strategy with long-term business goals, building strong partnerships across the organization, and approaching third-party risk with agility. How do you define cyber risk within your organization’s overall enterprise
React to this headline:
Transforming cybersecurity into a strategic business enabler Read More »
Anecdotes Raises $30 Million for Enterprise GRC Platform 2025-04-08 at 18:04 By Eduard Kovacs Anecdotes has raised $55 million in an extended Series B funding round that brings the total raised by the company to $85 million. The post Anecdotes Raises $30 Million for Enterprise GRC Platform appeared first on SecurityWeek. This article is an
React to this headline:
Anecdotes Raises $30 Million for Enterprise GRC Platform Read More »
Building a cybersecurity strategy that survives disruption 2025-04-03 at 08:14 By Mirko Zorz Cybersecurity isn’t what it used to be. Attackers are moving quicker, disruptions happen all the time, and many security plans built for more predictable times just can’t keep up. With everything from ransomware to geopolitical threats to cloud slip-ups hitting companies, there’s
React to this headline:
Building a cybersecurity strategy that survives disruption Read More »
Critical Condition: Legacy Medical Devices Remain Easy Targets for Ransomware 2025-03-28 at 14:50 By Kevin Townsend Analysis found that 99% of healthcare organizations are vulnerable to publicly available exploits. The post Critical Condition: Legacy Medical Devices Remain Easy Targets for Ransomware appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
React to this headline:
Critical Condition: Legacy Medical Devices Remain Easy Targets for Ransomware Read More »
How healthcare CISOs can balance security and accessibility without compromising care 2025-03-20 at 08:35 By Mirko Zorz In this Help Net Security interview, Sunil Seshadri, EVP and CSO at HealthEquity, talks about the growing risks to healthcare data and what organizations can do to stay ahead. He shares insights on vendor management, zero trust, and
React to this headline:
How healthcare CISOs can balance security and accessibility without compromising care Read More »
How financial institutions can minimize their attack surface 2025-03-18 at 08:01 By Mirko Zorz In this Help Net Security interview, Sunil Mallik, CISO of Discover Financial Services, discusses cybersecurity threats for financial institutions. He also shares insights on balancing compliance with agility, lessons from regulatory audits, and Discover’s approach to risk management and workforce development.
React to this headline:
How financial institutions can minimize their attack surface Read More »
CISOs, are your medical devices secure? Attackers are watching closely 2025-03-13 at 08:02 By Mirko Zorz The adoption of connected medical devices, collectively called the Internet of Medical Things (IoMT), has transformed patient care. However, this technological advancement has also introduced cybersecurity challenges to safeguard patient safety and uphold organizational security. Securing IoMT: Prioritizing risks
React to this headline:
CISOs, are your medical devices secure? Attackers are watching closely Read More »
Security Validation Firm Pentera Banks $60M Series D 2025-03-12 at 20:03 By SecurityWeek News Israeli startup in the automated security validation space secures a $60 million round led by Evolution Equity Partners. The post Security Validation Firm Pentera Banks $60M Series D appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original
React to this headline:
Security Validation Firm Pentera Banks $60M Series D Read More »
Webinar Today: Protecting Executives and Enterprises from Digital, Narrative and Physical Attacks 2025-03-12 at 13:32 By SecurityWeek News How hyper agenda-driven threat actors, cybercriminals, and nation-states integrate digital, narrative, and physical attacks to target organizations through their executives. The post Webinar Today: Protecting Executives and Enterprises from Digital, Narrative and Physical Attacks appeared first on
React to this headline:
Patch Tuesday: Critical Code-Execution Bugs in Acrobat and Reader 2025-03-11 at 19:47 By Ryan Naraine Adobe documents 35 security flaws in a wide range of products, including code-execution issues in the Acrobat and Reader applications. The post Patch Tuesday: Critical Code-Execution Bugs in Acrobat and Reader appeared first on SecurityWeek. This article is an excerpt
React to this headline:
Patch Tuesday: Critical Code-Execution Bugs in Acrobat and Reader Read More »
The art of balancing data security with business goals 2025-02-28 at 07:32 By Help Net Security In this Help Net Security video, Nathan Parks, Senior Research Specialist at Gartner, discusses their recent research, revealing that only 14% of security leaders effectively balance data security with business goals. 35% of leaders are focused on securing data,
React to this headline:
The art of balancing data security with business goals Read More »
The CISO’s dilemma of protecting the enterprise while driving innovation 2025-02-25 at 07:34 By Help Net Security CISOs are constantly navigating the challenge of protecting their organizations while ensuring business agility and innovation. For example, as companies move workloads to the cloud to support remote teams, security teams must secure data without slowing down productivity.
React to this headline:
The CISO’s dilemma of protecting the enterprise while driving innovation Read More »
Cyber Insights 2025: Artificial Intelligence 2025-01-29 at 13:15 By Kevin Townsend Artificial intelligence is upending cybersecurity. It is used by adversaries in their attacks, and by defenders in their defense. The post Cyber Insights 2025: Artificial Intelligence appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:
React to this headline:
Cyber Insights 2025: Artificial Intelligence Read More »
The modern CISO is a cornerstone of organizational success 2025-01-03 at 07:36 By Help Net Security The chief information security officer (CISO) role has undergone a remarkable transformation, evolving from a purely technical position to a role that bridges business strategy, operational efficiency, and cybersecurity. The post The modern CISO is a cornerstone of organizational
React to this headline:
The modern CISO is a cornerstone of organizational success Read More »