"Stop waiting; start preparing." This is the message from Robert Teague and Thomas Graham of Redspin, a division of Clearwater, regarding the U.S. Department of Defense's Cybersecurity Maturity Model Certification. CMMC is coming, they say, and now is the time to get ready.
Duo offers a variety of features that can help you secure your organization's resources quickly and easily, including Multi-factor authentication (MFA), Device verification and Risk-based policies
Manual API discovery is impossible due to the sheer number of APIs available, their constant changes, poor documentation, different formats and protocols, and different authentication and security requirements. Given these challenges, the solution is to use automated API discovery tools.
In this post of his blog "A CISO's View," security director Ian Keller discusses the importance of having mechanisms in place to report potential personal compromise or potential compromise of another person in your company and provides simple steps for making security everyone's responsibility.
European Union lawmakers have criticized the British government's updated privacy bill over concerns that it fails to adequately protect European citizens' fundamental rights. Lawmakers also heard from the Irish data authority on the status of its pending TikTok inquiry.
Many small and medium-sized businesses are facing "generational trauma" in trying to comply with a variety of regulatory and other compliance issues as these requirements are being demanded by their larger business partners, insurers and others, says Tarah M. Wheeler, CEO of Red Queen Dynamics Inc.
With new legal, contractual and cybersecurity requirements, the regulatory landscape is constantly changing on both local and national fronts. As a result, compliance can become increasingly difficult, leaving organizations with a certain amount of risk, said James Shreve, partner, Thompson Coburn.
Federal agents arrested the alleged administrator of the criminal underground forum BreachForums, tracing him to a small town in New York's Hudson Valley. FBI agents say Conor Brian Fitzpatrick, a resident of Peekskill, confessed to being "Pompompurin."
The economic downturn has laid bare just how much of a disaster special purpose acquisition companies have been for the cyber industry. Despite this, confidential computing security vendor Hub decided to try its luck with a SPAC. So far, Hub's time on the Nasdaq Stock Exchange hasn't gone well.
Many enterprises want to move away from basic security configuration assessment tools that monitor for CIS controls but don’t have automated remediation or custom reporting. Beatrice Sirchis of Israel Discount Bank of New York shares her perspective on policy compliance beyond SCA.
Data breaches are tricky to cover, and we want to report on them in an ethical way. That requires picking what should be reported for informed public discourse but avoiding topics that may encourage attackers' efforts to shame victims into paying a ransom and anything resembling data dump voyeurism.
Federal officials recently froze the assets of Ethereum blockchain cryptocurrency mixer Tornado Cash, stating that civil and potentially criminal penalties await those who use the service. On this week's "Sound Off," crypto expert Ari Redbord explains why the sanctions are "exceptional."
They’re necessary contributors to the business ecosystem, but there’s risk associated with third-party remote access, including bad actors lurking around every access point.
Domain name registrars track domain name owners via "whois" data, which is a crucial tool for investigators combating cybercrime. But Kroll's Alan Brill says that since the EU General Data Protection Regulation went into effect, many registrars no longer publicly share such information, and that's a problem.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.