Wiz's State of the Cloud 2023 report provides analysis of trends in cloud usage such as multi-cloud, use of managed services and more. In addition, the report highlights notable cloud risks based on insights from 30% of Fortune 100 enterprise cloud environments.
Download this report to learn about:
The...
Organizations of all sizes and industries, from small businesses to large enterprises, are adopting more cloud to realize the benefits of scalability, flexibility, and cost-effectiveness for their business. At the same time, the cloud has led to the largest transformation to security in our lifetimes. Organizations...
Spoiler alert: In 2022, audits found open source in 100% of our customer engagements.
Since open source usages are now so pervasive, companies are increasingly concerned about the security of applications built on the foundation of open source components. Consequently, open source security and license compliance...
In today's rapidly evolving threat landscape, cyber attacks are becoming more sophisticated, with spear phishing attacks now the most common way for cybercriminals to enter an organization. With the advent of new technologies like ChatGPT and Deepfakes, the situation is only getting worse. ChatGPT is being used to...
The guardrails organizations use to protect employee identities are often ineffective for contractors, business partners or vendors since they bring their own devices. Many businesses struggle to implement identity safeguards in a setting that's more heterogeneous and offers fewer controls.
Did you know that 69% of businesses are still relying on manual processes to manage vendor risk? With ever-expanding third-party networks, it's time to take your program to the next level.
In order to manage hundreds of vendors as effectively as you manage ten, automation is the key to continuously detect, monitor...
BlueVoyant has strengthened its ability to monitor the remediation of supply chain issues and integrate that with questionnaire activity, CEO Jim Rosenthal says. Existing supply chain tools tend to generate lots of risk information but then put the burden on the client to interact with suppliers.
Shields Health Care Group, a Massachusetts-based medical imaging services provider, is facing two class action lawsuits filed this week - a consolidated federal case and a similar, separate case filed in state court - both in the wake of the same 2022 data breach affecting 2 million individuals.
To help U.S. healthcare sector organizations better tackle some of the top challenges involving vendor risk management, a coalition of CISOs has launched the Health3PT Council. Members John Houston of UMPC and Omar Khawaja, former CISO of Highmark Health, describe the effort.
Many of the major health data breaches being reported to regulators reflect a variety of poor practices by business associates, including retaining sensitive patient information for much longer than necessary, says Kate Borten, president of The Marblehead Group.
Third-party risk is becoming increasingly expansive as organizations rely on a burgeoning network of external vendors to operate. Read about some of the regulations emerging to combat this issue, how organizations ranked third-party risk concerns in the International Data Corporation (IDC)’s Future of Trust Survey,...
From the cyberwar in Ukraine to ongoing ransomware threats and emerging global data regulations, 2022 has been a taxing year for CISOs. And they can expect more of the same in 2023, says Rodman Ramezanian of Skyhigh Security. He offers predictions and advice for the new year.
Ride-hailing app maker Uber says a data breach at a third party is responsible for the appearance on a hacking forum of internal data. The data is unrelated to the September incident Uber experienced after a hacker affiliated with Lapsus$ penetrated the company network, an Uber spokesperson says.
Four major cloud providers - AWS, Google, Microsoft and Oracle – will participate in a $9 billion U.S. Department of Defense remote computing contract, marking a departure from an earlier winner-take-all approach that ended up in court and slowed the DoD's cloud transformation program for years.
Cyber risk quantification (CRQ) is the measure of an organization’s cyber risk expressed in monetary terms, like dollars. CRQ has many benefits, but few security professionals understand how to implement it.
Join Paul Kelly, former head of risk at HSBC, and Chris Griffith, chief product officer at Balbix, as they...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.