9 matches found
Webinar: Learn How to Build a Reasonable and Legally Defensible Cybersecurity Program
It's not enough to be secure. In today's legal climate, you need to prove it. Whether you're protecting a small company or managing compliance across a global enterprise, one thing is clear: cybersecurity can no longer be left to guesswork, vague frameworks, or best-effort intentions. Regulators...
‘Stupid and Dangerous’: CISA Funding Chaos Threatens Essential Cybersecurity Program
The CVE Program is the primary way software vulnerabilities are tracked. Its long-term future remains in limbo even after a last-minute renewal of the US government contract that funds it...
Implementing an ISO-compliant threat intelligence program
Implementing a threat intelligence program that meets the definition of threat intelligence control as described in ISO/IEC 27002:2022 -- a set of standards set forth by the International Organization for Standardization -- is not onerous. The ISO/IEC 27002 standard describes a non-exhaustive lis...
T-Mobile reports data theft of 37 million customers in the US
T-Mobile has announced that an attacker has accessed "limited types of information" on customers. It says it is informing impacted customers. According to the press release, no passwords, payment card information, social security numbers, government ID numbers or other financial account informati...
Guide: How MSSPs and vCISOs can extend their services into compliance readiness without increasing cost
Compliance services are emerging as one of the hottest areas of cybersecurity. While compliance used to be mainly the province of large enterprises, times have changed, and it is now a day-to-day concern for a growing number of small and medium businesses. Even when these organizations are not...
How to Quickly Prioritize Risks with VMDR 2.0 and Orchestrate Response with CMDB & ITSM Integration
A single source of truth for asset inventory enables Cybersecurity and IT teams to optimally automate risk prioritization and response. Qualys VMDR 2.0 with TruRiskTM leverages Qualys CSAM to automate the Asset Criticality Score, a key parameter of risk scoring. This blog explains how with insigh...
Excerpts from Modern Bank Heists – Data Gathering
Carbon Black recently published a report on how to gather data to improve the security posture of your enterprise. For more information about how Cb Defense, Carbon Black's NGAV + EDR solution, helps enterprises address their endpoint security challenges, check out our weekly Cb Defense Live Demo...
DoD Inspector General Calls Out Army CIO For Poor Mobile Device Security
The CIO of the U.S. Army failed to put in place a comprehensive security program capable of protecting data stored on commercial mobile devices such as iPhones and Androids, leaving sensitive information in key Army installations exposed. The Inspector General of the Department of Defense took th...
Pentagon boosts contractor cybersecurity program
Pentagon boosts contractor cybersecurity program The US Defense Department invited all of its eligible contractors on Friday to join a previously restricted information-sharing pact aimed at guarding sensitive Pentagon program data stored on private computer networks. The Pentagon predicts that a...