In the constant struggle to manage the other five pillars - identify, protect, detect, respond and recover - security leaders often do not have governance at top of mind, said Netography CEO Martin Roesch, but he added, "Good governance is the root of having good security."
BlueVoyant purchased a risk management vendor led by an Army veteran to expand its SaaS footprint with U.S. government and defense industrial organizations. Buying Conquest Cyber will allow BlueVoyant to provide cyber risk maturity and compliance assessments to both federal and commercial customers.
A new guide from the Cybersecurity and Infrastructure Security Agency aims to help healthcare and public health sector entities get a much tighter grip on managing serious risks posed by the most troublesome types of vulnerabilities threatening the beleaguered industry.
New York State will soon seek public comment on sweeping new cybersecurity regulations for hospitals. The proposed rules would come with $500 million in requested funding to help the providers step up their security investments to comply with the new requirements.
A breakthrough star in Forrester's latest vulnerability risk management rankings hauled in $34 million to expand into the cyber risk and attack path management markets. The Series B extension funding will allow Vulcan Cyber to go beyond legacy vulnerability management and take on ASPM.
The vast range of questionnaires used in the current third-party assessment process make the process ineffective because the questionnaires typically do not give the context required for specific organizations with unique needs, according to Darshan Lakha, head of cybersecurity at Vodacom Group.
The financial services threat landscape is continually evolving. Matanda Doss, executive director of cybersecurity and technical controls at JPMorgan Chase, stressed the need to build security measures into an organization's infrastructure, starting with critical assets.
In the rapid digitization of manufacturing, energy, and critical infrastructure industries, the integration of Operational Technology (OT) with Information Technology (IT) systems is driving innovation and efficiency. However, this convergence brings a pressing concern: cybersecurity threats targeting OT environments...
Operational technology security continues to evolve rapidly. According to Gartner, Security and Risk Management (SRM) leaders, responsible for the technology, information and risk to OT systems, should anchor security efforts to operational resilience in the face of mounting risks by adopting an integrated security...
Secretaries of state and election administrators told the Senate Committee on Rules and Administration that local election offices are facing a critical lack of resources and funding to support essential cybersecurity measures ahead of the upcoming voting cycle.
Exterro has purchased a data discovery vendor led by a GE and Symantec veteran to help organizations detect, measure and remediate risk around structured data. The deal will allow Exterro customers to analyze structured data without ingesting tons of information or putting a load on company systems.
The fallout from the SEC's charges of fraud and internal control failures against SolarWinds and its CISO has implications for the industry. Cordery Compliance attorney Jonathan Armstrong advises security leaders to "take heed and remember that the actions of today can determine your fate tomorrow."
The Australian government is close to introducing standards to shore up the security of the down under country's fast-growing solar market amid reports that Chinese state-sponsored hackers might target internet-connected solar inverters and cause blackouts.
A machine identity management provider led by an ex-Tricentis executive notched a $1.3 billion valuation after getting a minority investment from Sixth Street Group. Keyfactor said the funds will support high market demand for technology that secures devices and simplifies public key infrastructure.
The Clop ransomware operation's recent mass zero-day exploit of Progress Software's MOVEit secure managed file transfer software followed the criminals launching similar attacks against users of Accellion FTA, SolarWinds Serv-U and Fortra GoAnywhere.