A guide to cybersecurity metrics and KPIs

Cybersecurity metrics are types of data a business tracks on a regular basis. Not only does this data help organisations make key decisions, but it also provides a basis for bolstering overall cybersecurity measures. Cybersecurity teams should have a set of metrics that they track regularly; some companies even track them daily. Utilising the proper cybersecurity metrics and key performance indicators (KPIs) …

Remediated vs mitigated – know the difference

Vulnerability remediated vs mitigated

You’ll hear remediation and mitigation mentioned a lot in cybersecurity. The terms are often used interchangeably, but there is a distinct difference between the two. Both play a key role in cybersecurity service providers’ risk-related decision-making. With that in mind, let’s take a closer look at remediated vs mitigated vulnerabilities so that you are aware of the fundamental …

What is cyber risk modeling

Cyber risk modeling - why it's important

As malicious actors continue refining their attack methods, the average cost of a data breach is rising. Consequently, companies must devise cyber risk mitigation strategies and implement the required security controls to better protect their networks and infrastructure with an appropriate sense of urgency. Unfortunately, the technical nature of cyber security means that IT personnel often have difficulty accurately conveying …

What is an IT security gap?

Identifying IT security gaps

An IT security gap is a vulnerability that malicious actors can exploit in a company’s cyber security defences. Gaps in IT security represent the difference between a company’s current cyber security posture and its desired (or, in many cases, to achieve compliance, required) implementation of security policies and controls. Let’s look at some of the most common IT security gaps …

What is technology risk management?

Technology risk management guide

Technology risk management demands careful attention and a comprehensive plan. RiskXchange can deliver both. Almost every business today relies upon technology to function. The use of computers, laptops, smart phones, tablets, and the internet has created a technological foundation upon which businesses are built. This, however, opens up some major technological risks, which is where technology risk management comes in handy. …

What is cyber security risk mitigation?

With a cyberattack occurring worldwide every 44 seconds, companies can no longer afford to be complacent about their cyber security posture. Similarly, organisations can’t adopt a “set and forget” mindset regarding their cyber security, in which they institute policies and controls and expect them to be effective in the long term. Instead, companies need …

What is the NIST framework?

What is a NIST framework

RiskXchange will not only help you understand the NIST framework but will also find a cybersecurity framework that works for you and your business. Published by the US National Institute of Standards and Technology (NIST), the NIST cybersecurity framework is a set of guidelines used for mitigating organisational cybersecurity risks. The framework is based on existing guidelines, standards, and practices. The NIST framework provides …

How malware has evolved over time 

One of the key reasons that organisations of all sizes can’t take their cybersecurity for granted is that nothing stays still for long. The methods that cybercriminals use to breach organisations’ defences and steal or compromise their sensitive data constantly evolve and grow increasingly sophisticated – and this is especially true of malware. To understand how to protect yourself from cyber …

How to prevent a pharming attack & what it involves

How to prevent a pharming attack

A recent study has revealed that 88% of organisations worldwide have suffered a DNS attack in the past year. More alarmingly, each organisation experienced seven attacks on average – at $942,000 (£836,000) per attack. One of the most common forms of attack on DNS servers is known as pharming. Let’s explore what a pharming attack is, how such attacks occur, …