Supply chain risk must be part of an enterprisewide risk management program framework, says information security manager Matt Marciniak of financial service firm Quantile. Reducing risk requires an agile approach to supplier management, he says.
In today’s dynamic environment, with the proliferation of a wide array of different security products and the high chance for misconfigurations, testing security is more imperative than ever, says Scott Register, vice president of security solutions at Keysight.
“The only way to see if all these products have...
Its all-hands-on-deck when a massive vulnerability such as Log4Shell arises, or a vendor announces a newly discovered breach. When headline events happen, security teams must act quickly to determine whether or not their environment has been impacted, then respond appropriately.
Responding to major new cyber events...
In today's dynamic environment, with the proliferation of a wide array of different security products and the high chance for misconfigurations, testing security is more imperative than ever, says Scott Register, vice president of security solutions at Keysight.
Attention to anyone who manages a Microsoft Windows environment: Security researchers are tracking a zero-day vulnerability in Microsoft Office that's being actively exploited by attackers to run malicious code on a vulnerable system.
The U.S. Department of Justice has revised its policy on who it charges with violations under the Computer Fraud and Abuse Act. The DOJ now specifies that good-faith security research and researchers cannot be charged under the CFAA because they help improve cybersecurity standards.
An emergency directive from the U.S. Cybersecurity and Infrastructure Security Agency advises all federal agencies in the country to immediately patch and address two vulnerabilities - one with a critical CVSS score and the other with a high score - that affect at least five VMware products.
The Five Eyes intelligence alliance has released a set of the 15 most routinely exploited vulnerabilities in the past year. Nine of the 15 vulnerabilities allow remote code execution, and the rest include privilege escalation, security bypass and path traversal, among other flaws.
As a security leader, you know that the way to align your vulnerability management program to support the business is to mitigate the vulnerabilities that have the biggest business impact. But that’s easier said than done. How do you discover and rate each vulnerability? How do you remediate them without disrupting...
New Cobalt CEO Chris Manton-Jones plans to push upmarket and go after enterprise customers and leverage automation and self-service to accelerate product growth. He replaces founder Jacob Hansen, who had served as CEO since Cobalt's inception in 2013 and will remain with the firm as a board member.
Sanctions levied against Russia and Belarus for the invasion of Ukraine are affecting security researchers signed up with bug bounty platforms, which can no longer legally make payments. A researcher in Belarus says he's locked out from accessing $25,179 in his HackerOne account.
In their Security Operations Primer, Gartner has recently identified Attack Surface Management as one of the top security trends and priorities for 2022. In this webinar you will learn how to address this problem by combining ASM, Vulnerability Management and Threat Intelligence into a single solution.
Join us...
Regulators should require all medical device makers to include a baseline of certain cybersecurity protections in their products and to build in a feature that allows safe vulnerability scanning of their devices, says researcher Daniel Bardenstein, a strategist at CISA.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.