The Cyber Risk Institute this week is releasing a new version of its "Cyber Profile" risk assessment framework for the financial services industry that includes expanded information on third-party risk and cloud security. Institute founder, Josh Magri, describes the updates.
COVID-19 infections are hitting new daily highs in the U.S., and some European countries are re-imposing restrictions. Plus, the flu season is just around the corner. "We're in a bad place," says pandemic expert Regina Phelps, who shares insights on pandemic trends and response.
Federal regulators have slapped health insurer Aetna with a $1 million HIPAA settlement for three 2017 breaches - including a mailing incident that exposed HIV information - that occurred within six months.
As organizations have navigated their way through return to office scenarios, there are a number of new employee expectations and employer considerations to think through. Rather than only focusing on the point-in-time circumstances of "secure work-from-home" operations, many organizations are considering a proactive...
As organizations have navigated their way through return to office scenarios, there are a number of new employee expectations and employer considerations to think through. Rather than only focusing on the point-in-time circumstances of "secure work-from-home" operations, many organizations are considering a proactive...
As organizations break away from traditional network-based security concepts, where zones are delegated "trusted" or "untrusted," to people-centric security models like Zero Trust, identity is becoming intrinsically linked to security. In fact, identity data can help security teams determine whether users or...
The Office of the Comptroller of the Currency has fined Morgan Stanley $60 million for the investment bank's failure to properly oversee the decommissioning of several data centers, putting customer data at risk of exposure.
When it comes to a breach and exposed data, a Digital Risk Protection program represents a way to reduce the potential damage. Tyler Carbone of Terbium Labs outlines the essential elements and use cases of a mature DRP program.
Ransomware has emerged as the No. 1 online threat targeting public and private organizations this year. Seeking maximum returns, more gangs have moved beyond opportunistic attacks to target organizations with "post-intrusion ransomware." Meanwhile, many victims fail to report such crimes to police.
In 2019, Alpine Capital Bank wanted to quickly understand its state of cyber maturity and quantify the potential impact of priority cyber risks. Management's goal was to calculate its financial exposure and improve cyber posture based on the findings. Alpine turned to Axio for a solution.
Download this case study...
As Universal Health Services continues to recover from an apparent ransomware incident last weekend that affected system access for hundreds of its facilities, security experts say others can learn important lessons from the company's experience.
Operational and cyber risk teams at financial institutions often face cyber resiliency challenges due to the complex, highly interdependent nature of their application environments. With zero-downtime applications and critical dependencies extending across new and old infrastructure, it's more difficult than ever for...
Companies that measure cyber
risk using "high, medium, low,"
or "red, yellow, green" have
essentially no visibility into their
real financial exposure.
Such qualitative approaches do not
give CEOs the information they need
to know how and where to invest to
minimize their risk effectively.
And these...
As cyber events continue to increase in volume, frequency, and impact,
protecting your organization must be a top priority. To optimize your company's
preparedness to address cyber risks, you need industry guidelines to drive
your cybersecurity program forward, using an assessment against guidelines
as the...
Reporting Cyber Risk is More than
a Traffic Light
Using "high, medium, low" or "red, yellow,
green" to measure cyber risk is not enough.
This method is outdated, unreliable and
insufficient. CEOs and other C-Suite
executives require an approach that helps
them decide which cyber controls -...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.
