Enterprises have deliberated on implementing zero trust for years, but vendors are overpromising and under-delivering on zero trust solutions. Gartner Vice President Analyst John Watts discusses the current adoption status and misunderstandings surrounding the framework.
As security and technology leaders look to reduce the complexity of their environments and condense the number of core vendors in their ecosystems, the power of platform solutions grows. John Maddison of Fortinet opens up on the power of convergence in a single operating system.
This white paper provides step-by-step instructions for maturing your third-party risk program by implementing cybersecurity risk management.
TPRM and cybersecurity are closely related: third parties are the greatest risk to cybersecurity, and cybersecurity is the most critical third-party risk domain. By mapping...
This white paper covers the key TPRM metrics your team needs to track its effectiveness over time, the processes for gathering these metrics and tips for building a business case for your program.
Third-party risk management (TPRM) teams often have to justify the cost of their programs to executive leadership,...
Vendors are a fact of the modern workplace, but they can bring serious security risk to your organization. To secure your organization, it is necessary to keep tabs on the risk posed by your suppliers, third parties and vendors. Thorough due diligence can significantly minimize the chance that your organization...
Learn why a risk-based perspective on cybersecurity can be a game-changer for your organization. This new study conducted by the analyst firm Enterprise Management Associates (EMA) on behalf of ProcessUnity and CyberGRX is essential reading for every information security professional eager to remain at the forefront...
This white paper covers the disclosures required by the new SEC rules, the challenges these disclosures present to cybersecurity professionals and tips for managing these challenges with cybersecurity risk management software.
Newly passed cybersecurity rules from the SEC signal a renewed interest in regulating...
Digital transformation offers enormous upsides for technology companies, including the ability to work more efficiently, manage costs, scale operations, improve the customer experience, and accommodate fluctuations in service demand. But for cybersecurity teams, the digital transformation movement presents a wealth of...
A third-party management platform founded by a longtime McKinsey consultant closed a funding round to bring further automation to compliance and procurement tasks. Certa plans to invest in AI that takes text-based organizational policies and converts them into controlled workflows.
Traditional licensing models that lock organizations into fixed solutions or time periods are no longer ideal. Organizations need to consider usage-based licensing approaches that offer flexibility to deploy whatever solutions are required, wherever they are needed, for whatever length of time.
Spoiler alert: In 2022, audits found open source in 100% of our customer engagements.
Since open source usage is now so pervasive, companies are increasingly concerned about the security of applications built on the foundation of open source components. Consequently, open source security and license compliance...
The guardrails organizations use to protect employee identities are often ineffective for contractors, business partners or vendors since they bring their own devices. Many businesses struggle to implement identity safeguards in a setting that's more heterogeneous and offers fewer controls.
BlueVoyant has strengthened its ability to monitor the remediation of supply chain issues and integrate that with questionnaire activity, CEO Jim Rosenthal says. Existing supply chain tools tend to generate lots of risk information but then put the burden on the client to interact with suppliers.
Shields Health Care Group, a Massachusetts-based medical imaging services provider, is facing two class action lawsuits filed this week - a consolidated federal case and a similar, separate case filed in state court - both in the wake of the same 2022 data breach affecting 2 million individuals.
To help U.S. healthcare sector organizations better tackle some of the top challenges involving vendor risk management, a coalition of CISOs has launched the Health3PT Council. Members John Houston of UPMC and Omar Khawaja, former CISO of Highmark Health, describe the effort.