risk management Archives

The AI era demands a different kind of CISO

When attackers can discover and exploit vulnerabilities in minutes, last quarter's audit doesn't mean much. CISOs need to shift from static measurement to real-time awareness -- and…

22 hours ago By Rinki Sethi

third party risk — Check lists still drive so much when it comes to cybersecurity inside corporate America. (Getty)

How early-stage companies can go beyond cybersecurity basics

If a company is growing, it needs its cybersecurity plan to grow with it. Here are some tips on how it can do so.

Nov 6, 2024 By Jonathan Selby

Federal agencies are falling behind on meeting key privacy goal set five years ago

Several federal agencies are playing catch-up on meeting recommendations from NIST detailed in a 2018 framework for how government should incorporate privacy into their risk management strategies.

Oct 17, 2023 By Rebecca Heilweil Tonya Riley

The benefits of understanding industrial cybersecurity

What leaders should know about the absence of effective operational technology cybersecurity and how digital transformation of OT systems can exacerbate cybersecurity risk.

Nov 10, 2021 By CyberScoop Staff

Bad patching practices are a breeding ground for zero-day exploits, Google warns

Vulnerabilities can come back to bite you.

Feb 3, 2021 By Sean Lyngaas

The United State Postal Service headquarters in Washington, D.C.

Postal Service left vulnerable IT applications unaddressed for years, inspector general finds

The "common, well-known vulnerabilities" could have been exploited by hackers using "publicly available methods,” the report found.

Sep 11, 2020 By Sean Lyngaas

Your company should manage your cyber risk like any other risk

In this op-ed, Pharos Security founder Douglas Ferguson explains why cyber risk is like any other risk a business faces.

Oct 1, 2019 By Douglas Ferguson

DHS vulnerability disclosure program — (U.S. Department of Homeland Security / Flickr)

DHS to unveil National Risk Management Center

DHS plans to unveil a new interagency center to help critical infrastructure firms assess the risk that a ceaseless stream of cyberthreats pose to their networks.

Jul 31, 2018 By Sean Lyngaas

flash zero-day — (logo from Wikicommons/remixed by Greg Otto)

Wyden asks federal agencies to ditch Adobe Flash

The senator wants agencies charged with issuing federal cybersecurity guidance to get Flash off of government systems before 2020.

Jul 25, 2018 By Sean Lyngaas

Electric utilities use red-teaming, AI to prepare for advanced threats

The U.S. electric industry has responded to a steady stream of cyberthreats to the power grid with more rigorous red-teaming and by using artificial intelligence, utility executives…

Jul 13, 2018 By Sean Lyngaas