Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

riscosity

DPDP, India's Privacy Law

Dec 19, 2024 By Anirban Banerjee In Riscosity
India's Digital Personal Data Protection (DPDP) law, enacted in 2023, represents a pivotal step in safeguarding personal data privacy while fostering accountability among entities handling such data. As businesses grapple with its requirements, understanding its core mandates, applicability, timeline, and implications is critical for compliance and operational efficiency.
Read Post
SecurityScorecard

Day in the Life of a CISO: A Vendor Breach: Assessing Our Exposure

Dec 19, 2024 By SecurityScorecard In SecurityScorecard
It’s 10:47 PM, and I’m halfway through binge-watching the latest must-see series when my phone buzzes. A notification from SecurityScorecard has my attention instantly: one of our critical vendors has just reported a breach. I hit pause, grab my laptop, and dive straight in. As much as I’d love to ignore it for a few hours, cyber risks don’t come with snooze buttons. Before panic sets in, I’m logging into the SecurityScorecard platform.
Read Post
ssl2buy

What is Spear Phishing: How It Works and How to Stay Safe?

Dec 19, 2024 By SSL2BUY In SSL2BUY
Spear phishing plays a significant role in causing data breaches and cyberattacks. It costs businesses and individuals millions of dollars each year. Spear phishing is different from traditional phishing, which covers a broad spectrum. It targets specific individuals or organizations and uses tricks to make the victim reveal some sensitive information. This article explores spear phishing. It covers its unique traits and offers expert tips to identify and stop such attacks.
Read Post
keeper

FedRAMP Equivalent vs FedRAMP Authorized

Dec 19, 2024 By Teresa Rothaar In Keeper
The Federal Risk and Authorization Management Program (FedRAMP) is a U.S. government program designed to standardize and streamline the assessment, authorization and continuous monitoring of cloud computing services for federal agencies. It establishes a consistent set of security requirements for Cloud Service Providers (CSPs) to ensure their products meet the rigorous security and privacy needs of the federal government.
Read Post
ciso global

Protecting Your Heart and Wallet: A Guide to Safe Charitable Giving

Dec 19, 2024 By CISO Global In CISO Global
The holiday season brings out the best in people, with many feeling inspired to support worthy causes. Unfortunately, it also attracts scammers who prey on this generosity. Here’s how to ensure your donations reach legitimate charities while protecting your personal and financial information.
Read Post
nucleus

Making CIS Benchmarks Part of your Vulnerability Management Strategy

Dec 19, 2024 By Scott Kuffer In Nucleus
While vulnerability management is one of the few preventative practices in security, vulnerability patching is still a reactive process. It’s a continuous cycle of discovery, vendors releasing patches, and remediation teams applying those patches. What if there was a way to build in some proactivity to this endless reactive spiral?
Read Post
securitysenses

How to develop and secure Cloud apps?

Dec 19, 2024 By SecuritySenses In SecuritySenses
How can businesses build cloud applications that are both reliable and secure? Organizations face a dual challenge: they must develop scalable solutions and protect sensitive data. As more businesses migrate to cloud-based infrastructures, they must adopt strong cloud solutions development and security practices. These steps help them maintain operations and preserve customer trust. In this article, we guide you through proven strategies and best practices. We show how you select the right architecture and implement advanced security measures.
Read Post
manageengine

Bumblebee Malware is back with evolving tactics: How EventLog Analyzer can help protect your organization

Dec 18, 2024 By Log360 In ManageEngine
In a surprising development, Bumblebee Malware (a popular malware downloader) has resurfaced with an approach that was believed to be long gone: VBA macro-enabled documents. This comes just four months after Europol dismantled various trick bots—including Bumblebee, IcedId, Pikabot, TrickBot and systemBC—during a crackdown called Operation Endgame.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.