To ensure your security investments offer complete visibility into your attack surface and uncover critical risks at scale, we've compiled questions to help you evaluate solutions. We focus on six key areas: attack surface discovery, exposure identification, triage, validation, remediation, and outputs.
CISOs must focus on the business value they're providing, not the technical details of their work, when interacting with the C-suite and board. Don’t focus too narrowly on security risks and technical requirements and miss what the business wants to achieve, says David Nolan, CISO, The Aaron’s Co.
In 2021, U.S. mergers and acquisitions shot up 55%. In 2022, that percentage is set to climb even higher. The wave of post-COVID M&A demands that cybersecurity leaders improve their efficacy. Ben Murphy of Truist shares insight on where, when and how cybersecurity needs to influence the M&A agenda.
It has never been more vital to secure your supply chain, with governments also recognizing the urgency by increasingly calling for Software Bills of Materials (SBOMs) and the implementation of effective third-party security risk management (TPRSM) to stem the surge in ransomware and other cyberattacks.
It’s not...
Have you ever struggled to answer the questions “how secure is our company” or “are we as secure as our top competitors”, or even “are we doing better or worse than the last time we checked”? Even companies who pride themselves on having best-in-class security programs often don’t have the data to answer...
Compliance isn’t exactly the most exciting side of cybersecurity. But like it or not, much of our work to secure digital assets boils down to implementing and validating checklists of controls that prevailing wisdom holds to be effective.
During this webinar, experts from RiskRecon and Cyentia Institute will...
In this episode of "Cybersecurity Unplugged," Mark Cristiano of Rockwell Automation discusses Rockwell's cybersecurity journey, the particular challenges of deploying cybersecurity in an OT environment, and the minimum and proper industrial protections that organizations need to have in place.
Over the past few years, the concept of vulnerability management has grown beyond crucial network scans to include the security of applications and a growing number of endpoints. It’s the cornerstone of a proactive security strategy that incorporates the best of both offensive and defensive security tactics.
We...
CISO Marcin Szczepanik recalls when his team's budget was cut dramatically after the onset of the pandemic. He wanted to invest in the latest state-of-the-art tools but prioritized his costs and focused on email security - a move that improved the company's level of cyber maturity.
In the latest "Proof of Concept," VP and CISO Nicole Darden Ford shares findings from Rockwell Automation's new survey report on cybersecurity preparedness in critical infrastructure, OT security gaps, the state of critical infrastructure, and insights into preparedness and best practices.
A recent survey sponsored by Rockwell Automation finds that critical infrastructure organizations miss basic protections for operational technology, with 80% failing to conduct frequent asset inventory audits, 63% lacking real-time threat monitoring and 42% needing effective patch management.
In today's dynamic threat environment, security teams must adopt a risk-based approach, prioritizing the most important areas of their organization. They also should not be afraid to seek outside help. Murtaza Hafizji of Bugcrowd discusses the merits of crowdsourced security.
CDNs that don’t provide the real-time observability, baked-in security, and programmatic control needed to deliver the dynamic experiences today’s users demand.
Developer empowerment is essential for creating innovative digital experiences that help increase customer lifetime value, improve conversion rates,...
HelpSystems acquired Dutch red-teaming startup Outflank to help critical infrastructure firms more effectively prepare for cyberattacks. The buying of Outflank will provide clients with a broader range of red-teaming software and services thanks to Outflank's tight integration with Cobalt Strike.
Tenable wants to help the cybersecurity industry move away from traditional vulnerability management focused on giving customers a list of vulnerabilities. Instead, CEO Amit Yoran wants to help customers understand their exposure and how they can effectively manage and reduce risk.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.