What are information security standards? 

An information security standard is a series of documented processes that define how to implement, manage, and monitor various security controls. As well as providing a blueprint for mitigating risk and reducing vulnerabilities, cybersecurity standards and cybersecurity frameworks typically detail the necessary steps for achieving regulatory compliance. Let’s look at information security standards, why they’re important, and the consequences of failing …

How to find the right cybersecurity tools for your organisation

Choosing the right tools for cybersecurity will have a significant impact on your organisation’s ability to respond to risks. Cybersecurity tools are designed to protect organisations from cybercrime and/or malicious attacks. Tools for cybersecurity can either be proactive or reactive. In layman’s terms, this means that they can either help your organisation reduce cyber risk or, on the other hand, …

How to reduce security risks in supply chain 

In today’s interconnected world, organisations not only have to contend with threats to their own cybersecurity, but they also have to be concerned about attacks on their supply chain as well. Supply chain risk can significantly increase an organisation’s attack surface – and the bigger the supply chain network, the more opportunities there are for a malicious actor to access …

How to choose a cybersecurity framework that works for you

A cybersecurity framework provides security teams with a set of standards and a common language across borders and industries to understand security postures. With a cybersecurity framework in place, it can help define the procedures and processes that your organisation must take to monitor, assess and mitigate cybersecurity risk. Let’s take a closer look at the most common cybersecurity frameworks. …

Why do you need a cloud security posture management (CSPM)?

What is cloud security posture management or CSPM? Cloud security posture management (CSPM) is a key element of cloud data security that scans cloud environments and alerts security teams to configuration vulnerabilities and compliance risks in cloud services. CSPM automates the identification and restoration of risk across cloud infrastructures, including Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as …

Breaking down new SEC rules on cybersecurity risk management

What are the new SEC rules on cybersecurity risk management disclosure? The Securities and Exchange Commission (SEC) has introduced new rules to enhance and standardise disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies. According to the SEC rules on cybersecurity, proposed amendments to already existing rules would require, among other things, current reporting about material …

Why a Cyber Security Posture Assessment is a must?

Why should you assess your cyber security posture? To figure out whether you need a security posture assessment, let’s first look at some facts. As enterprises move to the cloud, tens and thousands of assets are being migrated to cloud storage servers. In fact, according to a recent study, 61% of companies made the switch to the cloud in 2021 …

What should you cover during a cloud security audit?

RiskXchange generates objective and quantitative reporting on a company’s cyber security risk and performance for your cloud security audit. The 2021 Verizon Data Breach Investigations Report (DBIR) highlights that 73 percent of cyberattacks involved cloud assets during 2020, which is a dramatic increase from the 27 percent recorded in 2019. Not only does this show that cloud security incidents and …

Leveraging common vulnerabilities and exposures (CVE) to strengthen cybersecurity posture

As organisations across finance, healthcare, and logistics continue to transfer their operations to cloud-based applications, it raises concerns about third-party vendor attacks. Cyber attacks via third parties and vendors have been on the rise in recent years. Research shows over 1,767 reported data breaches in 2021, and experts claim that this number will go up within the next few years. …