News Flash: You’re not just responsible for your own organization’s risk anymore. You need to watch out for your friendly, and sometimes not-so-secure, business partners, too. Third-party risk assessment is crucial to the defensibility of your cyber ecosystem, yet the task can be daunting. How do you know whether a third party has been the victim of a security breach? Which ones are most likely to experience a ransomware attack? W...

Register for THE WORLD’S LARGEST Cyber Risk & Insurance industry event for P&C Professionals and insurance buyers. This one-day program has become the flagship event on the cyber calendar. Your insurance conference registration includes multiple tracks featuring the hottest topics, including: Cyber Risk Management and Response Best-Practices Developing Issues in the Cyber Insurance Space Approaches to Risk Quantification for All...

Environmental, Social and Governance (ESG) frameworks have emerged in the private sector as a way to incorporate social good into the other work an organization is engaged in. It’s a lens that can enhance and inform the way a company thinks about risks, opportunities and outcomes. But when people think about improving their communities and addressing the major issues that impact daily life, they look to governments – not corporatio...

One of the most prolific attacks over the past few years, that has touched nearly every industry and kept security professionals up at night, is ransomware. Ever-looming as the threat that can bring an organization to a halt, we have seen an explosive growth in ransomware and extortion attacks. Driven by never-ending vulnerabilities and automated attack tools, ransomware shows little signs of slowing down. It is time to change that pace. Join...

Get a preview of material directly from SANS SEC599: Defeating Advanced Adversaries - Purple Team Tactics & Kill Chain Defenses. Once attackers have gained access to your infrastructure, be it through a compromised host or through physical access, they will be looking to gain access to further resources. While there is a wide variety of ways that attackers can use to broaden their footprint in your environment, this webcast will focus on...

Do we ask too much of our security validation platforms? Is it really possible to mitigate risks created by security gaps, vulnerabilities, and external exposure across an entire organization? Yes—it’s all about asking, and answering, the right questions. In this webcast, Senior SANS Instructor Dave Shackleford and Cymulate’s Director of Cyber Evangelism Dave Klein examine the Cymulate Extended Security Posture Management Pl...

Finding flaws is much easier than fixing flaws. That's a fact. Happy to debate it. If this were not the case, we might just have this security thing all wrapped up. There are hundreds of tools that are reasonably successful at telling us what we are doing wrong (think compliance and vulnerability scanners). However, the solutions to these problems are not always as straightforward as they might seem. Sure, our tools and penetration testers wi...

Local and state governments have many endpoints and networks to manage and protect, but their operations come under increased threat of cyberattacks as the levels of security across departments become fragmented. Creating a fully integrated approach improves visibility and cohesion among branches of an agency, allowing them to take a proactive stance when it comes to mitigating risks. Seeing across silos on this matter strengthens an organizat...

Efforts to breach U.S. voting systems and influence election outcomes by state-sponsored, criminal and malicious insider actors are only growing in sophistication. More than ever, local and state government agencies must be able to rely on dynamic, full-spectrum security solutions that protect the entire election process and those who work to preserve outcomes. A phased approach is required to ensure risks are fully mitigated before, during an...

As our technological landscape grows in complexity and sophistication, so does our data. It quickly piles up, leaving state and local governments unsure of where all their data is, what it contains and who has access to it. Not only is this an organization nightmare, but it also creates unnecessary privacy risks. With the right solutions, agencies can gain a full view of all the data and where it resides, making it easy to access this informat...