%term

How Security Ratings Can Harmonize Cybersecurity Regulations

Oct 31, 2023 By SecurityScorecard In SecurityScorecard

In July of this year, the Office of the National Cyber Director (ONCD) stated in its release of an RFI on regulatory harmonization that: “When cybersecurity regulations of the same underlying technology are inconsistent or contradictory—or where they are duplicative but enforced differently by different regulators … consumers pay more, and our national security suffers.” This is an understatement. SecurityScorecard agrees and was happy to share our comments with ONCD today.

Read Post

SecurityScorecard

Read more about How Security Ratings Can Harmonize Cybersecurity Regulations

Cyber Trust and Transparency

Oct 31, 2023 By SecurityScorecard In SecurityScorecard

In cybersecurity, the terms “trust” and “transparency” are often mentioned. And while they should no doubt be a priority, they can also be difficult to quantify. Good CISOs recognize that transparency in cybersecurity isn’t a one-time effort. It’s a continuous process that involves a near-constant state of evolution. But with the right tools and systems in place, it’s possible to not only measure trust and transparency but improve them as well.

Read Post

SecurityScorecard

Read more about Cyber Trust and Transparency

What's new in Riscosity: October

Oct 31, 2023 By Charrah Hardamon In Riscosity

Custom Descriptions Teams can now design custom descriptions to provide context as to why a finding was ignored, resolved or marked as false positive. Previously, teams were provided a set of out of the box options, for the common use cases. The new flow resembles a standard documentation process where canned and contextual responses are available to help scale internal communication.

Read Post

Riscosity

Read more about What's new in Riscosity: October

SEC's Cybersecurity Regulations, Part III: The Relationship Between the CISO & The Board

Oct 30, 2023 By Jake Olcott & Nicole Matusek In BitSight

Cybersecurity is a top risk for corporate directors to understand and navigate. The implications of cyber events for a company are many and growing: instantly damaged reputations that erode years of credibility and trust with customers and investors, impaired profitability from customer attrition and increased operating costs, lost intellectual property, fines and litigation, and harm to a company’s people and culture.

Read Post

BitSight

Read more about SEC's Cybersecurity Regulations, Part III: The Relationship Between the CISO & The Board

The Evolution of the CISO

Oct 30, 2023 By SecurityScorecard In SecurityScorecard

CISOs and security leaders are constantly being reminded that cyber risk is now a business risk. And at the same time, organizations are realizing the financial implications of not having cyber expertise on their boards.

Read Post

SecurityScorecard

Read more about The Evolution of the CISO

How to Resolve SSL Configuration Risks

Oct 30, 2023 By Caitlin Postal In UpGuard

Transport Layer Security (TLS) provides security for internet communications. TLS is the successor to the now-deprecated Secure Sockets Layer (SSL), but it is common for TLS and SSL to be used as synonyms for the current cryptographic protocols that encrypt digital communications through public key infrastructure (PKI).

Read Post

UpGuard

Read more about How to Resolve SSL Configuration Risks

Top 3 Vendor Cybersecurity IT Risk Assessment Templates

Oct 30, 2023 By Brian Thomas In BitSight

If you’re developing a vendor risk management (VRM) plan from scratch or looking to scale your existing program, a cybersecurity IT risk assessment template can help you get started. Fortunately, you have options. In this blog, we’ve listed several templates, frameworks, and checklists that can help you create a personalized vendor cybersecurity IT risk assessment questionnaire.

Read Post

BitSight

Read more about Top 3 Vendor Cybersecurity IT Risk Assessment Templates

Cyberint Named as Frost & Sullivan's 'Company of the Year' in the Global External Risk Mitigation and Management Industry

Oct 29, 2023 By Naftali In Cyberint

Cyberint’s holistic approach offers unmatched visibility, in-depth threat insights, and continuous risk monitoring with an unparalleled market understanding, according to Frost & Sullivan. Tel Aviv, Israel – November 1st, 2023 – Cyberint, the leader in impactful intelligence, is proud to announce that it has been recognized as the “Company of the Year” in the Global External Risk Mitigation & Management (ERMM) industry by Frost and Sullivan.

Read Post

Cyberint

Read more about Cyberint Named as Frost & Sullivan's 'Company of the Year' in the Global External Risk Mitigation and Management Industry

Industrial Control Systems are Exposed: Breaking Down the Risks

Oct 26, 2023 By Noah Stone In BitSight

The world had a security wake-up call recently. Organizations were alerted to nearly 100,000 exposed industrial control systems (ICS), potentially allowing an attacker to access and control physical infrastructure such as power grids, traffic light systems, security and water systems, and more. That’s not only a stark statistic but a critical call-to-action for organizations around the world.

Read Post

BitSight

Read more about Industrial Control Systems are Exposed: Breaking Down the Risks

SIG Lite Questionnaire

Oct 26, 2023 By UpGuard In UpGuard

The SIG Lite Questionnaire is now available as a part of UpGuard’s questionnaire library! We’ve partnered with Shared Assessments to offer this leading security framework to help businesses identify, assess, and mitigate cyber risk in their third-party vendors. SIG Lite is one of the most popular questionnaires for assessing vendors and covers a wide range of IT security and risk management topics, including data privacy, network security, and vulnerability management!

View Video