As the GDPR enforcement date edges closer, organizations remain unprepared to comply - especially when it comes to vendor risk management. What - beyond contracts - do organizations need?
Download this whitepaper that discusses:
Why organizations remain unprepared for GDPR
What is most misunderstood about vendor...
How well do you know your vendors and the risk they pose? The scope of vendors you need to assess is rising constantly. At the same time, there is more scrutiny than ever on data security and privacy. These factors create greater shared risk where organizations can be held liable for their vendors' actions. To get a...
As the GDPR enforcement date edges closer, organizations remain unprepared to comply, says BitSight's Elizabeth Fischer - especially when it comes to vendor risk management. What - beyond contracts - do organizations need?
In this report, SANS reveals the results of their evaluation of the CrowdStrike Falcon® platform.
To conduct their evaluation, SANS security analysts ran Falcon through a wide range of increasingly complex attack scenarios. The exploits they used to evaluate CrowdStrike included phishing, credential...
There are many reasons why healthcare companies are far more concerned about the security posture of their vendors�and the maturity of their vendor risk management (VRM) program�than ever before. Medical data and personal patient information is migrating to the digital world, cyber attacks are continuing to grow in...
Today, organizations are focused heavily on core competencies and keys to success. This-coupled with the rapid growth of software as a service (SaaS)-has led to increased outsourcing of certain business functions to vendors who can perform these functions better, faster, or cheaper.
Download this whitepaper that...
With the growth in the number and sophistication of cyber threats and daily reports of security breaches, cyber risk is high on the list of the most significant risks that organizations face.
Measuring and managing security risk levels continues to be a difficult task. Faced with a constant stream of evolving...
Nuance has issued an unusual public letter to customers explaining why the medical transcription services vendor has decided not to report the NotPetya malware attack on the company to federal regulators as HIPAA breach. How did Nuance make its determination?
Organizations rely on a variety of outside firms to deliver security services. But how can they get the most value? Catherine Buhler, CISO of BlueScope Steel, shares how she challenges managed security services providers.
A lot of the risk to an organization's reputation is caught up in how an organization is able to respond to a cyber attack. Over the years, organizations have suffered serious consequences from a cyber attack. They've lost a lot of data, and the public response to those incidents has really further damaged the...
Many organizations trying to secure privileged access for employees or vendors focus solely on the privileged credentials or identities. But that's only half the battle. Securing the access pathways is just as critical to protecting your critical systems and data from cyberthreats. This session will outline the six...
When it comes to breach preparation, it isn't just about protecting IT assets. Increasingly, the conversation is about reputational risk management, says Jacob Olcott of BitSight Technologies.
In an interview about reputational risk management, Olcott discusses:
The intersection of cybersecurity with...
Embrace an approach that fully automates the delivery and management of infrastructure and application components, including network and security services to accelerate IT service delivery, and respond faster to the dynamic needs of a digital business. This practical guide shows you how.
VMware and Intel enable IT...
When it comes to breach preparation, it isn't just about protecting IT assets. Increasingly, the conversation is about reputational risk management, says Jacob Olcott of BitSight Technologies.
A bipartisan group of lawmakers has introduced legislation to modernize the U.S. federal government's information technology, a measure that, if enacted, could improve system security.
