The roadblocks to preventive cybersecurity success 06/11/2023 at 08:04 By Help Net Security In the last two years, the average organization’s cybersecurity program was prepared to defend preventively, or block, just 57% of the cyberattacks it encountered, according to Tenable. This means 43% of attacks launched against them are successful and must be remediated after […]
The roadblocks to preventive cybersecurity success Read More »
How human behavior research informs security strategies 02/11/2023 at 08:01 By Mirko Zorz In this Help Net Security interview, Kai Roer, CEO at Praxis Security Labs, explores the theoretical underpinnings, practical implications, and the crucial role of human behavior in cybersecurity. Roer explains why a comprehensive understanding of human complexity is paramount in today’s security
How human behavior research informs security strategies Read More »
The Cybersecurity Resilience Quotient: Measuring Security Effectiveness 25/10/2023 at 16:31 By Rik Ferguson The Cybersecurity Resilience Quotient empowers organizations to assess their security posture comprehensively, considering asset exposure, vulnerabilities, and criticality alongside process and network architecture and disaster recovery plans. The post The Cybersecurity Resilience Quotient: Measuring Security Effectiveness appeared first on SecurityWeek. This article
The Cybersecurity Resilience Quotient: Measuring Security Effectiveness Read More »
Only a fraction of risk leaders are prepared for GenAI threats 23/10/2023 at 06:31 By Help Net Security While 93% of companies recognize the risks associated with using generative AI inside the enterprise, only 9% say they’re prepared to manage the threat, according to Riskonnect. The research reveals a profound AI risk management gap: To
Only a fraction of risk leaders are prepared for GenAI threats Read More »
Business resilience becomes primary force behind cybersecurity investments 19/10/2023 at 06:03 By Help Net Security Over 80% of northern European organizations emphasize that the need to ensure business resilience is the top driver for their cybersecurity investments, according to Nixu. The report reveals both encouraging progress and increasing concerns. Alarmingly, 50% of organizations reach only
Business resilience becomes primary force behind cybersecurity investments Read More »
How to go from collecting risk data to actually reducing risk? 17/10/2023 at 08:17 By Help Net Security Organizations trying to cope with securing their expanding attack surfaces eventually find themselves at a crossroads: they need to move beyond finding risks to effectively mitigating risk. Making that transition starts with a shift from using “risks
How to go from collecting risk data to actually reducing risk? Read More »
The collaborative power of CISOs, CTOs and CIOs for a secure future 17/10/2023 at 07:03 By Mirko Zorz In this Help Net Security interview, Phil Venables, CISO at Google Cloud, discusses the results of a recent Google report on board collaboration with the C-suite — particularly the CIO, CTO, and CISO to stay current with
The collaborative power of CISOs, CTOs and CIOs for a secure future Read More »
CISOs and board members are finding a common language 16/10/2023 at 07:39 By Help Net Security 86% of CISOs believe generative AI will alleviate skills gaps and talent shortages on the security team, filling labor-intensive and time-consuming security functions and freeing up security professionals to be more strategic, according to Splunk. 35% report using generative
CISOs and board members are finding a common language Read More »
GitHub Improves Secret Scanning Feature With Expanded Token Validity Checks 05/10/2023 at 19:02 By Ionut Arghire GitHub beefs up its secret scanning feature, now allowing users to check the validity of exposed credentials for major cloud services. The post GitHub Improves Secret Scanning Feature With Expanded Token Validity Checks appeared first on SecurityWeek. This article
GitHub Improves Secret Scanning Feature With Expanded Token Validity Checks Read More »
Making privacy sustainable: Incorporating privacy into the ESG agenda 04/10/2023 at 08:02 By Help Net Security Data breaches have been rising in frequency and magnitude over the last two decades. In fact, the Identity Theft Resource Centre (ITRC) found that between 2005 and 2020, data breach events in the US alone increased from 57 to
Making privacy sustainable: Incorporating privacy into the ESG agenda Read More »
Tackling cyber risks head-on using security questionnaires 04/10/2023 at 07:33 By Mirko Zorz In this Help Net Security interview, Gaspard de Lacroix-Vaubois, CEO at Skypher, talks about the implementation of security questionnaires and how they facilitate assessments and accountability across all participants in the technology supply chain, fostering trust and safeguarding sensitive data. Many organizations
Tackling cyber risks head-on using security questionnaires Read More »
CISO’s compass: Mastering tech, inspiring teams, and confronting risk 03/10/2023 at 07:32 By Mirko Zorz In this Help Net Security interview, Okey Obudulu, CISO at Skillsoft, talks about the increasing complexity of the CISO role and challenges they face. He discusses the business environment, tech innovation, the evolving regulatory landscape, limited resources, and budgets. Obudulu
CISO’s compass: Mastering tech, inspiring teams, and confronting risk Read More »
Moving From Qualitative to Quantitative Cyber Risk Modeling 28/09/2023 at 17:01 By Fawaz Rasheed Migrating to a quantitative cyber risk model of analysis allows for more accurate data, which leads to more informed decision-making. The post Moving From Qualitative to Quantitative Cyber Risk Modeling appeared first on SecurityWeek. This article is an excerpt from SecurityWeek
Moving From Qualitative to Quantitative Cyber Risk Modeling Read More »
Balancing cybersecurity with convenience and progress 25/09/2023 at 07:02 By Help Net Security Changing approaches to cybersecurity have led to slow but steady progress in defense and protection. Still, competing interests create a growing challenge for cybersecurity decision makers and practitioners, according to CompTIA. The state of cybersecurity Most business and technology professionals feel that
Balancing cybersecurity with convenience and progress Read More »
Despite rising insider risk costs, budgets are being wasted in the wrong places 25/09/2023 at 06:02 By Help Net Security The cost of an insider risk is the highest it’s ever been, as organizations spend more time than ever trying to contain insider incidents, according to DTEX Systems. The average annual cost of an insider
Despite rising insider risk costs, budgets are being wasted in the wrong places Read More »
Faster Patching Pace Validates CISA’s KEV Catalog Initiative 22/09/2023 at 15:17 By Ionut Arghire CISA says Known Exploited Vulnerabilities Catalog has helped federal agencies significantly accelerate their vulnerability remediation pace. The post Faster Patching Pace Validates CISA’s KEV Catalog Initiative appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original
Faster Patching Pace Validates CISA’s KEV Catalog Initiative Read More »
Balancing budget and system security: Approaches to risk tolerance 19/09/2023 at 08:16 By Help Net Security Data breaches are a dime a dozen. Although it’s easy to look at that statement negatively, the positive viewpoint is that, as a result, cybersecurity professionals have plenty of learning moments. Learning what went wrong and why can be
Balancing budget and system security: Approaches to risk tolerance Read More »
Regulatory activity forces compliance leaders to spend more on GRC tools 18/09/2023 at 07:48 By Help Net Security Legal and compliance department investment in GRC (governance, risk, and compliance) tools will increase 50% by 2026, according to Gartner. Assurance leaders are seeking out technology solutions to help them address increasing regulatory attention on executive risk
Regulatory activity forces compliance leaders to spend more on GRC tools Read More »
Unimplemented controls could derail your ESG compliance efforts 08/09/2023 at 06:01 By Help Net Security Two-thirds of organizations have not implemented environmental, social and governance (ESG) controls, and 60% do not currently perform internal ESG audits, according to a report by AuditBoard. Lack of ESG program readiness This lack of ESG program readiness raises the
Unimplemented controls could derail your ESG compliance efforts Read More »
Exploring the traits of effective chief audit executives 01/09/2023 at 06:03 By Help Net Security Chief audit executives (CAEs) have identified risk orientation, stakeholder management, and team leadership as the top three characteristics of the most effective individuals, according to Gartner. In April 2023, Gartner surveyed 114 CAEs across 180 areas to identify the most
Exploring the traits of effective chief audit executives Read More »