Information Security Magazine: March 2009 - Sky-High Risk?
By: Information Security Magazine View more from Information Security Magazine >>
Download this next:
The CISO Survival Guide to Third-Party Software Risk Management (TPSRM)
By: Reversinglabs
Type: eBook
Modern businesses rely on third-party commercial-off-the-shelf software, but many lack strong practices for managing the risks involved.
The rise of software supply chain attacks targeting third-party software providers and rising regulatory pressure has spurred cybersecurity and risk leaders to pay special attention to commercial software and the gaps it presents across the software supply chain.
The CISO Survival Guide: Operationalizing Third-Party Software Risk Management offers a roadmap to build a successful TPSRM program. This guide covers:
- Challenges in evaluating third-party software
- Why traditional methods (SBOMs, questionnaires) fall short
- Steps to launch a scalable TPSRM program
These are also closely related to: "Information Security Magazine: March 2009 - Sky-High Risk?"
-
The 2025 Software Supply Chain Security Report
By: Reversinglabs
Type: Research Content
ReversingLabs released its third annual Software Supply Chain Security Report, spotlighting mounting attacks on AI, Crypto, Open Source, and Commercial Software.
The 2025 report compiles 12 months of data and research to identify trends in software supply chain risks. It details the growing sophistication of software supply chain attacks fueled by widespread flaws in open-source and third-party commercial software.
Download the report to learn more about:
• Exposures in third-party commercial software
• How software supply chain attacks became more sophisticated
• The growing secrets exposure in open-source
• The gaps and limitations in CVE data
• Key trends shaping software security in 2025 -
3 tips for improved information risk management
By: Tanium
Type: White Paper
Information and security management have often been measured in terms of costs incurred, instead of business outcomes achieved. Although this is changing, digital transformation presents new challenges for enterprises that want to gain a clearer view of their IT assets, technology risks and vulnerabilities.
Learn how senior leaders are addressing this challenge with new strategies to embed information risk management into the fabric of how they do business.
Find more content like what you just read:
-
Top IT security priorities: Addressing risk management and compliance
By: Dell Software
Type: eGuide
In this expert e-guide, we explore the issues of IT risk management and compliance. You'll learn about best practices for audits, the role log reviews play in monitoring IT security, how to build authentication into access management systems, and more.
-
Your path to a mature AppSec program
By: Veracode, Inc.
Type: eBook
Due to the sensitive data they contain, applications are often the target of cyberattacks – and unfortunately, application security approaches are rarely equipped to handle today’s threats. Read this e-book to learn how to modernize your application security approach.
-
SecOps automation: 10 FAQs before embarking on your journey
By: Palo Alto Networks
Type: eBook
This e-book offers a guide for deploying SecOps automation, focusing on key considerations, defining use cases, best practices, and starting simple with an easy-to-follow plan. Read the e-book to get started and to pave your way to SecOps automation success today.
-
Upload security: Understanding your posture & more
By: Deep Instinct
Type: White Paper
Organizations accept files through their web applications to run their business. But, files being uploaded by customers could contain malware or some other risk that could hurt your business. What is scarier is that 80% of successful breaches come from zero-day attacks. Read on to learn more and don’t let malicious files stay like uninvited guests.
-
Bitdefender and Ferrari collaborate to enhance cybersecurity
By: Bitdefender
Type: Case Study
Bitdefender recently partnered with Ferrari to provide advanced threat intelligence, enabling faster detection and response to cyber threats. This case study highlights how Ferrari leverages Bitdefender's expertise to strengthen its cybersecurity posture and protect its iconic brand. Read the full case study now to learn more.
-
Best practices for enhancing cybersecurity with automation
By: Bitdefender
Type: eBook
Streamlining security operations with automation and XDR can enhance efficiency, reduce risks, and empower security teams. In this e-book, you'll learn how to simplify incident response, leverage XDR, and implement best practices to strengthen your cybersecurity posture. Read on now to learn more.
-
ESET Threat Report Highlights: The Malware Power Shift – Winners, Losers, and Rising Threats
By: ESET
Type: Research Content
ESET's Threat Report highlights shifts in cybersecurity, including the takedown of RedLine Stealer and LockBit, the rise of Formbook as a top infostealer, and threats like deepfake scams and crypto theft. Discover global cybercrime trends and how ESET Threat Intelligence aids organizations. Read the full report for more details.
-
An integrated risk strategy defined: What you need to know
By: Oversight Systems
Type: White Paper
This white paper explores adopting an integrated risk strategy by connecting the three lines of defense for effective risk management. It covers AI-powered platforms, continuous monitoring, and aligning finance, compliance, and audit teams. Discover how to enhance risk mitigation and optimize spend management by reading this white paper.
-
Benefits of a machine-led, human-powered security platform
By: Palo Alto Networks
Type: eBook
Cortex XSIAM is a new AI-driven security platform that unifies data, analytics, and automation to transform the security operations center. It delivers dramatically better attack protection with minimal analyst involvement. Read the e-book to learn how Cortex XSIAM can outpace threats and streamline your security operations.
-
The CISO Survival Guide to Third-Party Software Risk Management (TPSRM)
By: ReversingLabs
Type: eBook
The rise of software supply chain attacks targeting third-party software providers and rising regulatory pressure has spurred cybersecurity and risk leaders to pay special attention to commercial software and the gaps it presents across the software supply chain. Read this 18-page guide for risk management guidance.
-
11 features of machine-led, human-empowered security
By: Palo Alto Networks
Type: eBook
Advanced cyberthreats necessitate an advanced security posture. This white paper maps out how, with Cortex XSIAM, you can advance your organization's posture through a machine-led, human-empowered approach. To learn about how the platform works and the outcomes it has driven for Imagination Technologies Group, read on.
-
How to strengthen your security posture in 2025
By: Core BTS
Type: White Paper
This white paper examines the evolving cybersecurity landscape, including AI-powered attacks, supply chain vulnerabilities, and IoT security challenges. It outlines key trends, best practices, and industry-specific concerns. Read on to gain insights into the future of cybersecurity and learn how you can strengthen your security posture.
-
Discover how banks are successfully transforming risk management
By: SAS
Type: Research Content
There is now an urgent need for banks and financial institutions to update risk management. Instead of evaluating threats in silos, banks must understand how different events are interconnected, and identify risks rapidly. This report explores the urgent need for banks to modernize risk management and key findings from a survey of 300 global banks.
-
Cybersecurity self-assessment quiz: Discover where your organization stands
By: Corsica Technologies
Type: Assessment Tool
Assess your organization's cyber preparedness with a free quiz on key security elements like risk assessments, mobile device management, employee training, network monitoring, detection software, and stakeholder reporting. Identify your defenses and potential vulnerabilities. Take this self-assessment quiz for personalized cybersecurity results.
-
Going Beyond the SBOM: Bringing Control to Third-Party Software Risk
By: Reversinglabs
Type: White Paper
Going Beyond the SBOM highlights the limitations of traditional SBOMs and vendor risk assessments in identifying and mitigating software supply chain risks. Further outlining how security and risk professionals can manage third-party software security risk on their own terms.
-
The Definitive Guide to Software Supply Chain Security: Moving Beyond Traditional AppSec
By: Reversinglabs
Type: Buyer's Guide
Despite risks from software mounting, organizations are mistakenly relying on software composition analysis and other legacy application security testing tools (AST), which offer limited visibility and scalability. Download this guide to learn more about how legacy AST tools miss key attack vectors in the modern software development lifecycle.
-
Get Advanced Threat Protection and Secure Connectivity with FortiEndpoint
By: Fortinet, Inc.
Type: Product Overview
Integrating ZTNA, EDR, and XDR is crucial for organizations to protect their networks and endpoints. FortiEndpoint provides strong protection and seamless remote access and enhances overall security. Continuous monitoring, behavior-based detection, and automated responses improve security operations. Access this brief to learn more.
-
New industry insights from Kaspersky's 2024 MDR report
By: Kaspersky
Type: White Paper
Kaspersky's MDR report reveals 2024 cybersecurity insights. Read the report to understand the evolving threat landscape and strategies.
-
Achieve Cloud Application Resilience with Hyperfast Recovery
By: Commvault
Type: White Paper
Recovering data after a breach is only half the story. Rebuilding the cloud is slow, manual, and astronomically expensive. Download this ebook to learn how to rebuild cloud apps and rewind the entire business to the moment before the breach.
-
Cloud-Native Data Replication Management for Application Resilience
By: Commvault
Type: White Paper
In this eBook, you will learn how to automate cloud reconfigurations to ensure consistent data availability during outages and leverage point-in-time replicated data copies to recover from ransomware attacks and other data loss scenarios.
-
Separating Hype from Reality in Human Risk Management
By: CultureAI
Type: Webcast
It's time to separate reality from the hype. Starting with the term "human risk management" itself: What is it, why is everyone talking about it, and how is it different from security awareness and training? CultureAI cuts through the noise and delivers practical, actionable insights in this webinar.
-
Case study: How data-driven coaching combats human risk
By: CultureAI
Type: Case Study
CC Young, an accounting firm, needed a modern approach to address risky employee behaviors. CultureAI's Human Risk Management Platform provided data-driven coaching and phishing, leading to immediate value and time savings. Read the full case study to learn how CC Young achieved rapid time-to-value with CultureAI.
-
Research: The State of Human Risk Management
By: CultureAI
Type: White Paper
This report examines human risk management in 2024, evaluating security awareness training and human risk management solutions. It offers insights on mitigating human-related data breaches and outlines strategies for organizations to enhance security. Read the full report to learn more.
-
Understanding Today's Threat Actors
By: Fortinet, Inc.
Type: White Paper
Explore insights from incident responders on the evolving threat landscape. Discover how threat actors are gaining access through valid credentials and disabling defenses. Learn how to detect and disrupt attacks before they succeed. Read the full white paper for more details.
-
10 questions to ask your software firewall vendor
By: Palo Alto Networks
Type: eBook
In this free Software Firewalls for dummies e-book, discover everything you need to know about today’s demands for software firewalls and zero trust, and find out the 10 essential questions you need to ask your software firewall vendor.
-
Interactive application security testing for better DevSecOps
By: Contrast Security
Type: White Paper
With modern application development operating at break-neck speeds, DevOps teams pressured by deadlines are often forced to compromise security for efficiency's sake. This white paper examines the benefits of using interactive application security testing to mitigate the security risk and complexities of using DevSecOps. Read on to learn more.
-
Market Guide for Digital Forensics and Incident Response Retainer Services
By: Palo Alto Networks
Type: Gartner Research Report
Digital forensics and incident response (DFIR) retainer services help organizations assess and manage security incidents. Learn how to evaluate DFIR providers, understand market trends, and prepare for effective incident response. Read the full Gartner report.
-
Strategies to address local government cybersecurity challenges
By: Schneider Electric
Type: eBook
Local governments face cybersecurity challenges like sophisticated threats, staffing shortages, and decentralized infrastructure. Schneider Electric's edge computing and infrastructure management solutions help monitor, secure, and control distributed IT environments. Learn how to turn these challenges into opportunities by reading the full report.
-
Top 5 security concerns for CISOs and how to address them
By: Palo Alto Networks
Type: White Paper
This white paper explores 5 key security concerns for CISOs, including supply chain attacks, cloud security, and overloaded security teams. Get expert guidance on how to address these issues and prepare your organization for evolving cyberthreats. Read the full white paper to learn more.
-
Everything you need to know to calculate the ROI of an MDR
By: Bitdefender
Type: White Paper
This white paper explores how to calculate the ROI of outsourcing your cybersecurity with a Managed Detection and Response (MDR) service. Inside, you'll learn how to calculate the costs of building an in-house team versus partnering with an MDR provider. Read on now to discover how you can maximize your security investments.
-
How to get the most out of your risk management strategy
By: OneTrust
Type: Webcast
In this webcast, you’ll gain insights from a panel of industry experts as they share quick tips and best practices for measuring the ROI of your risk management program. Tune in now to find out how you can make the most of your strategic investments and better protect your organization from risk.
-
Quickly identify, prioritize, and fix software vulnerabilities
By: Veracode, Inc.
Type: eBook
Discover how to quickly identify, prioritize, and fix software vulnerabilities with Veracode's AI-driven remediation. Eliminate security technology debt and deliver secure, cloud-native applications at scale. Read the e-book to learn more.
-
The Essential Guide to MITRE ATT&CK
By: Palo Alto Networks
Type: Research Content
Discover how Palo Alto Networks' Cortex XDR performed in MITRE's 2023 cyberattack simulations versus Turla. Achieving 100% visibility, it blocked all techniques, ensuring top-quality detections. Delve into the results and uncover Cortex XDR's effectiveness in this report.
-
Urban Myths About Secure Coding
By: Veracode, Inc.
Type: eBook
Urban myths, whether rooted in reality or fabricated entirely, have the power to change perception. Read this e-book which is designed to rectify these misconceptions by presenting six common urban myths about secure coding and giving practical guidance for how to overcome them.
-
New study reveals business value of cloud data protection
By: Zscaler
Type: Analyst Report
Businesses are racing to embrace cloud and mobility. This new study from IDC demonstrates how Zscaler Data Protection solutions ensures effective and efficient data security. Organizations using Zscaler described improving data security regardless of user location or means of access. Download the report today!
-
The Oversight Spend Insights Report
By: Oversight Systems
Type: eBook
This report analyzes patterns of fraud associated with missing receipts, a common early indicator of potential expense account abuse. Learn how AI can help identify these risks and protect your organization's resources. Read the full report to learn more.
-
Cybersecurity Megatrends And Their Implications For Cyber Protection
By: Kaspersky
Type: eBook
Discover how cybersecurity megatrends impact your organization and the evolving threat landscape. Learn how to secure remote access, build user trust, and choose the right protection - EPP, EDR, or XDR. Download this e-book to learn more.
-
5 Essential Steps to SOC Transformation
By: Palo Alto Networks
Type: White Paper
This guide explores five essential steps to transform your security operations center (SOC) for the modern threat landscape. Learn how to elevate your SOC with automation and AI to better detect, investigate, and respond to threats. Read the full SOC Transformation Guide to optimize your security operations.
-
Expert recommendations for addressing the spike in extortion
By: Palo Alto Networks Unit42
Type: eBook
Although recovering from offline backups can provide some protection against encryption-only ransomware attacks, organizations must take additional measures to prepare for threat actors who extort victims. Browse a detailed view of the observations of Unit42 and discover expert recommendations for addressing them.
-
Exploring the Darknet
By: Bitdefender
Type: eBook
This e-book explores the hidden world of the darknet and its diverse subcultures, from cybercriminals to whistleblowers. Inside, you'll delve into the evolution of cybercrime, the social structures, and the challenges faced by law enforcement. Download now to understand the complexities of the darknet.
-
Evolving Cyber Threats and Human Risk Management
By: CultureAI
Type: White Paper
As the cyber threat landscape evolves, employees have become the new security perimeter. Explore the top 2025 threats, including undetectable attacks and the decline of traditional training. Learn how Human Risk Management can protect your workforce. Read the full research content.
-
Enhancing Account Security and User Experience for Adobe
By: Arkose Labs
Type: Case Study
Adobe enhanced its account registration security to detect and stop fraudulent accounts more effectively, while improving the user experience. Learn how they partnered with Arkose Labs to reduce fake accounts by 90% and increase good user throughput. Read the full case study.
-
Simplify cybersecurity risk management across your attack surface
By: Cloudflare
Type: White Paper
As cybersecurity risks expand, CISOs need a unified approach to evaluate, exchange, and enforce risk posture across users, apps, and data. Learn how to simplify risk management and optimize security investments in this e-book.
-
How banking incidents are redefining third-party risk management
By: SDG Corp
Type: White Paper
News about large vendors' power outages, like the incident with Capital One, highlights third-party risk management challenges in banking. Customers faced delayed deposits, inaccessible accounts, and payment disruptions. Read this artible for steps to strengthen your business against cyber and legacy infrastructure risks.
-
Threat Report H2 2024
By: ESET
Type: Analyst Report
This threat report examines key cybersecurity trends in H2 2024, including the rise of RansomHub as the leading ransomware-as-a-service, a surge in cryptostealers, and new mobile phishing tactics using PWAs. It also covers infostealer landscape shifts and emerging scams targeting online bookings. Read the full report for comprehensive insights.
-
10 steps for assessing cyber risk for cyber insurance
By: Tanium
Type: Product Overview
Managing and protecting the thousands of devices that are connected to your network has never been more challenging. Cyber insurance is a key tool to mitigate the associated risks. Explore 10 steps for assessing cyber risk for cyber insurance when you download this guide.
-
Incident Response Report 2024
By: Palo Alto Networks
Type: eBook
Download this e-book to learn how to empower your organization to proactively navigate cyber risks, strengthen security approaches, and respond to incidents with unmatched efficiency.
-
Decoding AI and Machine Learning in risk-based Authentication: What you need to know.
By: One Identity
Type: White Paper
Explore how AI and machine learning enhance risk-based authentication to balance security and usability. Learn how context-aware authentication can protect against threats while providing a seamless user experience. Download the white paper to discover the benefits of AI-powered authentication.
-
Time To Adapt: The Future of Human Risk Management (HRM)
By: CultureAI
Type: Webcast
Join Forrester's VP, Principal Analyst, Jinan Budge, and CultureAI Founder & CEO, James Moore, as they explore how quantifying and managing human risk is pivotal to the future of security.
-
Frost & Sullivan's 2024 Global Competitive Strategy Leadership Award
By: Utimaco
Type: Analyst Report
Frost & Sullivan names Utimaco a Competitive Strategy Leader in post-quantum cryptography. Utimaco's expertise in deploying hardware security modules positions it as a key partner for organizations migrating to quantum-resistant algorithms. Read the full analyst report to learn more.