Blog
NIST CSF 2.0 – The New Govern Function
The NIST Cybersecurity Framework (CSF) version 2.0 adds a new Govern function to the CSF core. The new function includes action categories for establishing and monitoring cyber risk strategy, expectations, and policy, and helps align cyber risk with overall enterprise risk.
Australia’s Essential Eight and the UK’s Cyber Essentials – An Overview
Read our overview of Australia’s Essential Eight Strategies and the UK’s Cyber Essentials scheme, how these frameworks help organizations guard against a wide range of cyber threats, and how to move closer to compliance.
Understanding CVSS and What’s New in Version 4.0
Version 4.0 of CVSS, published on November 1, 2023, introduces finer granularity into the system, enabling CVSS users to assess risk based on a wider set of factors – many of which are specific to the user environment.
CYRISMA Introduces Industry Comparison Capability
CYRISMA this week added the much-awaited Industry Comparison feature to the platform, which will enable users to compare their cyber risk management performance against that of their peers within the same industry.
Cyber Risk Management in a New Digital Landscape
To manage cyber risk effectively, take a holistic view of your digital environment, assess cyber threats in a wider context, and take a data-centric approach to cybersecurity – our concluding post for Cybersecurity Awareness Month.
Beyond Vulnerability Management: Managing Cyber Risk Holistically
Organizations today need to go beyond vulnerability management to stay safe. In this post, we explore how IT & security leaders can expand the scope of their cyber risk assessment for all-round risk reduction.
Establishing Accountability in the Data Protection Process
For effective data protection today, organizations need to create a more cyber aware culture and shift the responsibility for securing sensitive data to data owners and users themselves.
Data-Centric Cyber Risk Management – Best Practices
In this blog post, we outline essential steps to manage cyber risk using a data-centric approach. Start by creating a data protection policy, followed by data discovery, protection, monitoring and breach response.
Cyber Risk Management Practices to Build a Secure Digital Environment
Essential cyber risk management practices to build a more secure and resilient digital environment. Get visibility into your attack surface, protect sensitive data, manage vulnerabilities, and maintain compliance.
PCI DSS Compliance
What is PCI DSS? Which entities does it apply to and how can organizations meet compliance requirements? Get your answers here.