Supply chain threats and industry/government initiatives like EO 14028 are driving a deeper understanding and a set of requirements for applying supply chain risk management (SCRM) and increased transparency (e.g., SBOM) across the software ecosystem, up and down the stack. Platform and system firmware present unique challenges for supply chain assu...
Insurance premiums for ransomware are getting more expensive, but organizations continue purchasing cyber-specific plans, according to research and industry experts.
New York’s Department of Financial Services hit OneMain Financial with a massive penalty, reflecting the severity of security failures found during an audit tied to multiple data breaches.
The CISO who can speak to the financial implications of cyber risk will be able to successfully work amongst the C-suite and in the board room to prioritize and address cyber initiatives. Building a view of the financial implications of those risks based on real data enhances not only the CISO’s decision-making ability but also the CISO’s credibili...
It’s the largest fine issued under the stringent privacy regulation. Under the dispute resolution, Meta is also required to stop transferring data from Facebook to comply with GDPR.
Risk assessment questionnaires are a standard practice when evaluating current or prospective third-party partners. And yet some folks may justifiably ask: How valuable are these questionnaires if there are no consequences for fudging your answers, or even outright lying? This session will examine common weaknesses and oversights in the third-party...