Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

upguard

Securing Essential Services: NIS Compliance Guidelines for OES

Sep 22, 2023 By Leah Sadoian In UpGuard
The EU Network and Information Security (NIS) Directive was adopted by the European Commission in 2016 and focused on establishing comprehensive cybersecurity regulations across the European Union. The NIS Directive is a robust piece of legislation enforced by local laws within each member state, working alongside other EU-wide regulations like the GDPR. The NIS Directive applies to Digital Service Providers (DSPs) and Operators of Essential Services (OES).
Read Post
upguard

Unpacking ISO 31010: Effective Risk Assessment Techniques

Sep 22, 2023 By Edward Kost In UpGuard
ISO 31010 is a supplementary document to the risk management standard ISO 31000. It was developed to support the risk assessment process in ISO 31000, outlining different risk assessment techniques to broaden the scope of an organization’s risk evaluation methods. This post offers a comprehensive overview of ISO/IEC 31010, highlighting the standard’s potential to increase the effectiveness of risk management strategies. Learn how UpGuard streamlines Vendor Risk Management >
Read Post
vanta

How to perform effective user access reviews

Sep 21, 2023 By Vanta In Vanta

In this series, you’ll hear directly from Vanta’s own Security, Enterprise Engineering, and Privacy, Risk, & Compliance Teams to learn about the teams’ approaches to keeping the Vanta organization secure. We’ll also share some guidance for teams of all sizes — whether you’re just getting started or looking to uplevel your operations.

Read Post

Power Up with AI - How to Take Your GRC to the Next Level

Sep 21, 2023 By TrustCloud In TrustCloud
Get ready to dive into the intersection of AI and GRC, where leveling up your program isn't just a metaphor – it's the next level of success. GRC leaders are discovering how AI is the ultimate power up, enhancing their security posture and helping them knock out risks and liability proactively. With AI by their side, GRC teams are dashing through challenging security questionnaires, scoring points with customers, and leaving their competitors in the dust.
View Video
protegrity

Collaboration: The Key Ingredient to Successful Security Compliance

Sep 21, 2023 By Protegrity In Protegrity

In the fast-paced world of software development, the clash between developers and security experts could greatly benefit from some much-needed balance. On one side, developers strive for success based on metrics like delivery time, deployment frequency, and number of features. On the other side, security professionals are measured on vulnerability and compliance metrics.

Read Post
syteca

Cybersecurity Compliance in the Education Industry: How to Protect Students' Personal Data

Sep 20, 2023 By Syteca In Syteca
The education industry is facing a growing threat from malicious cyberattackers, both external and internal. According to the Cyber Attack Trends report by Check Point Research, the education and research industry suffered from 44% more cyberattacks in the first half of 2022 compared to the same period in 2021. Therefore, cybersecurity in the academic industry is of paramount importance now.
Read Post
elastic

Data compliance in public sector: Making data secure and accessible isn't mutually exclusive

Sep 20, 2023 By Jeff Kirkpatrick In Elastic
In the UK, the Information Commissioner’s Office (ICO) has the responsibility of upholding information rights in the public interest. The ICO work with businesses and public sector organisations to offer guidance and best practices for using data and information responsibly, as well as regulating and enforcing relevant laws.
Read Post
splunk

OMB M-21-31: Your Complete Guide

Sep 20, 2023 By Laiba Siddiqui In Splunk
Imagine that you work in IT and security for a federal entity. How do you manage your event data across different systems and networks? When something goes wrong, how do you detect, investigate and remediate these security incidents? That’s what the Office of Management and Budget (OMB) addresses in M-21-31: a memorandum that provides guidance for federal agencies to increase their visibility and response capabilities before, during and after a cybersecurity incident.
Read Post

Penetration Testing and Digital Operational Resilience Act (DORA)

Sep 20, 2023 By Razorthorn In Razorthorn
In this enlightening discussion with expert Paul Dwyer, we explore the changing landscape of penetration testing within the context of the Digital Operational Resilience Act (DORA). Paul addresses the concern of traditional, snapshot-in-time penetration testing being costly and asks whether this will drive organizations towards more regular and ongoing testing to enhance security. The answer is a resounding "yes." DORA includes a dedicated section that mandates various types of tests, ranging from standard assessments to highly specific threat lab penetration testing.
View Video
tripwire

The Consequences of Non-Compliance in Cybersecurity: Risks and Penalties

Sep 19, 2023 By Stefanie Shank In Tripwire

Non-compliance in cybersecurity marks a grave oversight. It involves neglecting established security protocols, leaving organizations vulnerable to malicious actors. Read on as we examine the potential risks of non-compliance, including heightened susceptibility to cyberattacks, the specter of data breaches, and the erosion of a company's hard-earned reputation.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.