Implementing risk quantification into an existing GRC program

With a myriad of risks and limited security budgets, how do organizations decide which projects to prioritize? Many governance, risk management and compliance (GRC) professionals believe risk quantification is the answer. Because risk-free operations don’t exist, risk quantification isn’t merely desirable — it’s necessary. And it plays an essential role in every business decision and […]

Continue Reading

The evolution of DRaaS

The shift of daily production workloads from on-premises to cloud has also impacted approaches to protection of business assets and operations. When it comes to protecting critical information and achieving the ability to recover following a disruptive event such as a natural disaster, power outage, technical failure, or cyber incident, the methods and innovations of […]

Continue Reading

Microsoft Power Apps data exposure: Prioritizing sensitive data with secure configuration settings

Security misconfigurations are one of the most common gaps hackers look to exploit. One bad configuration setting in a popular cloud platform can have far-reaching consequences, allowing threat actors to access an abundance of valuable, personal information and use it to their advantage. Over the last 12-18 months, the COVID-19 pandemic has driven the rapid […]

Continue Reading

The complexities of vulnerability remediation and proactive patching

In this interview with Help Net Security, Eran Livne, Director, Product Management, Endpoint Remediation at Qualys, discusses vulnerability remediation complexity, the challenges related to proactive patching, as well as Qualys Patch Management. What makes vulnerability remediation a complex task? Most vulnerability remediation involves multiple teams and processes – first, a scanning tool identifies vulnerabilities, and […]

Continue Reading