This week’s Cybersecurity News in Review includes articles about government warnings of possible cyber attacks using remote software, CISA’s plans to stand up an office on supply chain risk management, the Biden Administration’s efforts to impose cybersecurity requirements on critical infrastructure sectors, the 2023 agenda for CISA’s public-private collaborative cyber group, and GSA’s plans for certifying vendor software security.
Continuous Cybersecurity Compliance: The Benefits Outweigh the Risk
Patrick Sullivan • January 24, 2023
Achieving compliance with internal policies and external regulations results from doing a great job securing all the components that drive your IT systems—people, processes, and platforms. The way to show your progress towards achieving compliance is to plan, execute and check your work against best practices. The compliance results ultimately validate that all that hard… Read more
A Rallying Call For Quicker Patching and Stronger Credential Security
Ryan Sydlik • December 13, 2022
Today’s security landscape is filled with nonstop ransomware attacks and massive incidents plaguing headlines every day. While patching may seem like a simple solution to a growing problem, IBM’s X-Force found that more than a quarter (26 percent) of all cloud compromises were caused by attackers exploiting unpatched vulnerabilities. Even more concerning, IBM’s penetration team… Read more