The Federal Emergency Management Agency (FEMA) 2022's Nonprofit Security Grant Program webinar will include an overview of resources available for security enhancements to nonprofit organizations at high risk of attacks.
How and when security measures are integrated into application development can greatly change the vulnerability level of software. Compare two cybersecurity strategies: DevSecOps and SecDevOps to see which makes more sense for your organization.
Foregrounding transparency can go a long way in securing your organization's technology and workforce, according to four cybersecurity experts from Intel. Suzy Greenberg, Vice President of Communications and Incident Response; Maggie Jauregui, Offensive Security Researcher; Katie Noble, Director of Intel's Product Security Incident Response Team (PSIRT) and Bug Bounty; and Amit Elazari, Director of Global Cybersecurity Policy discussed transparency in bug bounty and vulnerability disclosure programs, as well as gender parity in cybersecurity.
The Cybersecurity and Infrastructure Security Agency (CISA) has identified several potential risks of autonomous vehicles in transit systems and supply chains. Along with these risks, CISA has introduced a set of guidelines for organizations who use autonomous vehicles in their operations.
Oftentimes, security leaders and organizations need more clarification about the types of cybersecurity assessment services. Let's look at the goal of each service, its scope and the methodology used.
Vulcan Cyber released the results of its latest vulnerability remediation maturity research project. A survey of more than 100 enterprise security executives across North America and EMEA found that most enterprise cybersecurity and vulnerability management organizations lack the ability to drive remediation initiatives, to reduce risk and achieve acceptable levels of cyber hygiene.
COVID made “flatten the curve” a household phrase in 2020, but did you know the concept also applies to vulnerability exploits? It turns out that what’s past is prologue in exploit trends. By tracking which attacks are being exploited the most, organizations discover important information to help proactively determine their vulnerability and risk. But it is also important to track attacks where activity has increased the most within a specified timeframe. It only takes one critical exploit to cause significant damage and, once inside the network, the attacker will need to move laterally and probably deploy additional exploits. That’s why understanding which exploits have the greatest likelihood of arriving on the network’s doorstep helps organizations prioritize patch management and risk assessment. This remains top of mind as cyber adversaries continue to maximize vulnerabilities, as we have recently seen with DearCry ransomware, for example.
In a new study that surveyed enterprises with 3,000 or more employees, 60% of respondents are concerned pentesting gives them limited coverage or leaves them with too many blind spots.
Pennsylvania Governor Tom Wolf announced the availability of $5 million in funding for security enhancement projects for nonprofit organizations serving diverse communities throughout the commonwealth. Grant awards can range from $5,000 to $150,000 for a wide variety of eligible items, including: Safety and security planning and training; Purchase of safety and security equipment and technology; Upgrades to existing structures that enhance safety and security; and Vulnerability and threat assessments.
Pennsylvania Governor Tom Wolf announced the availability of $5 million in funding for security enhancement projects for nonprofit organizations serving diverse communities throughout the commonwealth. Grant awards can range from $5,000 to $150,000 for a wide variety of eligible items, including: Safety and security planning and training; Purchase of safety and security equipment and technology; Upgrades to existing structures that enhance safety and security; and Vulnerability and threat assessments.
The National Security Agency (NSA) has released a cybersecurity advisory on Chinese state-sponsored malicious cyber activity. This advisory provides 25 Common Vulnerabilities and Exposures (CVEs) known to be recently leveraged, or scanned-for, by Chinese state-sponsored cyber actors to enable successful hacking operations against a multitude of victim networks.
