25 days ago

Securing Vendor Relationships: The Crucial Role of Third-Party Audit

Guest submission by: Nazy Fouladirad, President and COO of Tevora, a global leading cybersecurity consultancy.

Many modern companies grow their operations by working with remote teams and cloud-based systems. However, as cybersecurity threats are growing and data protection laws are becoming more strict, data security, in particular with third-party entities, is of utmost importance.

Third-party audits verify vendor practices align with security and regulatory requirements to protect sensitive information. As businesses navigate their digital transformations, these audits strengthen vendor relationships while ensuring data integrity for everyone.

1 month, 1 day ago

Toward a Standardized Security Reference Architecture for SMBs and Small Governments

By John Linford, Security Portfolio Forum Director, The Open Group & Michelle Horrobin, Digital Portfolio Director, The Open Group

As has become evident in recent years and even months, modern organizations offer new products which are, more and more, dependent on digital components, and need to be secure to avoid falling victim to increasingly sophisticated and increasingly frequent cyber attacks. On top of having organizational, internal reasons for improving their security posture, these organizations also must keep up with increasing scrutiny and compliance requirements from governments and regulatory agencies, as well as customers and partners. Consequently, not only might a successful cyber attack leave an organization unable to operate, but it might also result in media backlash and fines and judgements for breaches and violations for the organization.

1 month, 17 days ago

IMF Warns Cyberattacks Threaten Banking Collapse, Financial Firms Must Fortify Defenses

Five ways threat actors attack banks and financial institutions. By Erich Kron According to the International Monetary Fund, cyberattacks against the banking and financial services industry are increasing exponentially. The threat level is currently so…

2 months, 1 day ago

Improving Return on Security Investment: Threat Modeling and The Open Group Open FAIR™ Risk Analysis as a KPI for Agile Projects

The first three posts of this series have laid plain the need to supplement ongoing threat modeling activities with quantitative risk analysis, such as the process described in The Open Group Open FAIR™ Body of Knowledge. They’ve briefly discussed a way to incorporate Open FAIR Risk Analysis in the threat modeling process and illustrate how the results would improve return on security investment by deliberately selecting cost-effective combinations of controls. But questions remain:

2 months, 4 days ago

Upcoming BIL-T Conference Will Address ‘Navigating the Hype: Practical Strategies for Emerging Tech in Architecture’

Iasa Global, the world’s leading professional association for technology, business, and enterprise architects, will host a powerful new BIL-T Conference on May 16, which will address “Navigating the Hype: Practical Strategies for Emerging Tech in…