Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Critical Vulnerabilities Discovered in Automated Tank Gauge Systems
Bitsight TRACE explores several critical vulnerabilities discovered in ATG systems and their inherent risk when exposed to the Internet.
Digital vendors are now the avenue of choice for cybercriminals to perpetrate cyberattacks. Learn how you can defend your organization against a software supply chain attack.
When it comes to improving cybersecurity at your organization, there are some fixes that you can undertake with very little preparation. More robust remediation efforts, however, usually start with a cybersecurity risk assessment.
CISOs and other security leaders need buy-in from the Board and executive team in order to run effective cybersecurity programs. This requires communicating data about threats and cybersecurity performance in ways that are easy to understand. As a result, cybersecurity visualization is becoming more important than ever. In a field that's as interesting and exciting — and comes with such high stakes — as cybersecurity, you can’t allow knowledge gaps and technical complexity to obscure your message. With high-profile data breaches on everyone’s minds, the Board is becoming more and more involved in cybersecurity decisions. In fact, 45% of board members say they actively participate in setting the security budget at their company. For CISOs, getting the sign-off on necessary IT projects, purchases, and partnerships often involves making impactful arguments to Board members who might not have IT backgrounds. So, what cybersecurity visualization techniques can you use to gain executive buy-in?
As cyberattacks against cloud services and infrastructure increase, follow these best practices to improve your cloud security posture management.
We look at five ways you can reduce cyber threats without putting additional pressure on stretched resources.
Thanks to globalization and rapidly developing technology, enterprise involves more connections than ever before, and more connections means more risk in the supply chain.
If your organization handles or works with a certain type of data, you have a legal obligation to protect that data. Generally speaking, this could refer to personal information like names, identifiers (e.g., social security numbers), health data, or financial data. If any such data is compromised, it’s not only your fiduciary responsibility to disclose the breach to those harmed—it’s also your legal obligation.
Cloud computing is not new to the cyber world; it’s here to stay. Web services are common in our everyday lives and workplaces, with things like Facebook, Salesforce, JIRA, Adobe, and GSuite all falling into the cloud-based category. But who is responsible for breaches of data in the cloud, the service provider or the organization using their services?
We delve into the purpose of these EU regulations, the challenges they present, the timeframe for adoption, and the keys to compliance.
The SEC’s New Cybersecurity Regulations: Understanding the Impact for Companies & Their Shareholders
In Part 1 of this multi-part series, we describe the new SEC cybersecurity regulations and assess potential impact on both shareholders and companies.
If you’re working on organizational cybersecurity, one of your top goals is likely putting a system in place that will help identify data breach incidents as quickly as possible, whether that data is inside your organization or with one of your vendors. Of course, simply knowing about a data breach incident isn’t enough—you have to take action immediately, or you could risk major data implications.
A majority of boards now see cyber risk as business risk, so they’re asking hard questions around risk and exposure. Security leaders must have processes in place to inform and educate executives, boards, and stakeholders as to the security posture of the organization as well as the postures of important third parties.
New research sheds light on the top emerging cybersecurity threats facing organizations. We summarize these findings and recommend mitigation actions.
The term “digital resilience” has gained momentum over the past few years as cybersecurity threats have grown, but what does it really mean? And how can a company become digitally resilient?
Companies will be required to disclose risks in their annual reports beginning on 12/15/2023. Many CISOs may have some real questions. Here's where to start.