Risk Assessment - Security Intelligence

Team of professionals discussing third-party risk management in the enterprise

article

The Cybersecurity Industry’s Third-Party Risk Management Problem Is Rooted in Visibility

Only one-third of organizations feel their processes for third-party risk management are effective. The root of the issue lies in visibility and ineffective process.

May 22, 2019 | By Jasmine Henry

article

Woman using a tablet connected to her laptop: emotet

news

Latest Emotet Variant Wielding Connected Devices as First-Layer C&C Servers

A new variant of the Emotet banking malware is using compromised connected devices as first-layer command-and-control (C&C) servers.

April 29, 2019 | By David Bisson

news

Security professional conducting risk assessments in the office

article

To Move Forward Securely, Look Backward With Ongoing Risk Assessments

If we focus on the future at the expense of performing risk assessments to maintain defenses against existing threats, we will always be one step behind attackers.

April 2, 2019 | By Lysa Myers

article

Man using a laptop in public that is vulnerable to the WinRAR bug

news

Researchers Uncover Highly Exploitable WinRAR Bug That Puts 500 Million Users at Risk

More than 100 unique exploits of a WinRAR bug have been identified since security researchers discovered a 19-year-old vulnerability in the file compression system.

March 19, 2019 | By Shane Schick

news

IT Staff In A Data Center Tasked With Data Protection

article

What Have We Learned About Data Protection After Another Year of Breaches?

In 2018, data protection became top of mind for organizations around the world. What lessons can we draw from to help improve regulatory compliance, data breach protection and risk management in 2019?

February 13, 2019 | By Joanne Godfrey

article

Two professionals in hard hats using a laptop and talking about critical infrastructure security

article

To Improve Critical Infrastructure Security, Bring IT and OT Together

Strong collaboration between IT and OT is a critical step in improving the security of critical infrastructure systems.

February 6, 2019 | By Kacy Zurkus

article

Security professional adjusting hardware in a data center: system hardening

article

How to Build a System Hardening Program From the Ground Up

System hardening is more than just creating configuration standards; it involves identifying and tracking assets, drafting a configuration management methodology, and maintaining system parameters.

January 29, 2019 | By Brian Evans

article

Executives discussing cybersecurity risk in a board room.

article

Board Directors Can’t Afford to Ignore Cybersecurity Risk

As businesses rush to adopt emerging technologies such as AI, blockchain and big data, board directors must increase their engagement around cybersecurity risk.

January 17, 2019 | By Mark Whitecavage

article

IT professional using a digital tablet in a data center: the Dark Overlord

news

The Dark Overlord Claims to Have Stolen Secrets of 9/11 Attacks in Law Firm Data Breach

The threat group known as The Dark Overlord has claimed responsibility for a law firm data breach involving files allegedly related to the 9/11 terrorist attacks.

January 14, 2019 | By Shane Schick

news

A desktop computer and a man using a laptop in the background: system development life cycle

article

The System Development Life Cycle: A Phased Approach to Application Security

By completing the phases of the system development life cycle (SDLC), security teams can integrate processes and technologies into the development process and improve application security.

January 7, 2019 | By Brian Evans

article

Many of Baltimore’s City Services Still Offline Two Weeks After Ransomware Attack

Hundreds of Thousands of Users Targeted Daily With Would-Be WannaCry Imitators

Phishing Campaign Delivers Multi-Feature, Open-Source Babylon RAT

More Than 100 US Businesses Affected by Ryuk Ransomware Since August 2018, Finds FBI

Voices of Security

X-Force Red in Action

A Secure Start

On the Front Line With IBM X-Force IRIS

High Stakes, Rising Risks: The Ripple Effects of Cybersecurity in the Healthcare Sector

Industrial Control Systems Security: To Test or Not to Test?

Challenges and Opportunities to Close the Cybersecurity Gap in the Financial Services Industry

GozNym Closure Comes in the Shape of a Europol and DOJ Arrest Operation

The Decline of Hacktivism: Attacks Drop 95 Percent Since 2015

Published Exploits for Accessing SAP Systems Put Security Teams on Alert

Penetration Testing Versus Red Teaming: Clearing the Confusion

Podcast: Lessons from a Gray Beard: Transitioning From the Military to Cybersecurity

Podcast: Foundations for a Winning Operational Technology (OT) Security Strategy

Podcast: ‘You Can Never Have Too Much Encryption’

Podcast: Automating Cyber Resilience Best Practices With Dr. Larry Ponemon

Webinar: Guardium Tech Talk: An Integrated Approach to Data Risk Management

Webinar: The Debrief: Using Tools and Methods From the Intelligence Community to Stop Threats to Your Organization

Webinar: Operational Technology Security in the Age of Digital Transformation

Webinar: Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on the Cyber Resilient Organization

Tag: Risk Assessment

The Cybersecurity Industry’s Third-Party Risk Management Problem Is Rooted in Visibility

Latest Emotet Variant Wielding Connected Devices as First-Layer C&C Servers

To Move Forward Securely, Look Backward With Ongoing Risk Assessments

Researchers Uncover Highly Exploitable WinRAR Bug That Puts 500 Million Users at Risk

What Have We Learned About Data Protection After Another Year of Breaches?

To Improve Critical Infrastructure Security, Bring IT and OT Together

How to Build a System Hardening Program From the Ground Up

Board Directors Can’t Afford to Ignore Cybersecurity Risk

The Dark Overlord Claims to Have Stolen Secrets of 9/11 Attacks in Law Firm Data Breach

The System Development Life Cycle: A Phased Approach to Application Security