Page 22 - White Papers in Governance & Risk Management

SANS Buyer Guide

Vulnerability assessment has been a security requirement for every major regulatory agency over the last 15 years. Yet, time and again, after-incident reports reveal that costly breaches, causing millions of dollars in damage, are a result of known vulnerabilities that went unpatched due to a lack of connection to...

Going Viral: The Challenges and Urgency of Managing Third-Party Risk

Modern cyber threats such as data breaches and attacks can have significant productivity and financial effects on the business, ranging from unexpected system downtime and business interruption to system damage and data loss. Managing these code-driven threats becomes more challenging and urgent as businesses...

A Security Manager’s Guide To Third-Party Risk Management

As a security manager, your primary task is to reduce risk and optimize efficiency within your organization’s third-party risk management program—a large undertaking to accomplish even with the help of a designated security team. Focusing on third-party risk management when your company adjusts to take on...

The CISO View: Protecting Privileged Access in a Zero Trust Model

The trend to a Zero Trust model of information security is gaining momentum. Digital transformation and enterprise mobility are rapidly eroding the traditional perimeter-based model paving way for Identity Security strategy across the enterprise. Zero Trust approach and Identity Security architecture become part of...

Achieve Zero Trust with Identity Security

Traditional perimeter-based security relies on trying to separate the “bad guys” from the “good guys” and assumes that systems and traffic within the confines of the corporate network can be trusted. Zero Trust assumes that the bad guys are already in your network and have access to your applications and...

eBook: FIDO Authentication

IT security professionals around the world agree that passwords are obsolete and should be considered as a relic of the past. The costs of maintaining passwords outweigh the benefits. Passwords are increasingly becoming predictable and leave users vulnerable to credential theft and compromise. Even the strongest...

A Strategic Guide for Transitioning to Adaptive Access Management

There can be no doubt that enterprise access requirements have radically changed in recent years. Workforces are more mobile than ever before, and the COVID-19 pandemic has irrevocably accelerated remote work requirements and related challenges. The IT resources users access are no longer sequestered on secure...

Compliance in the Age of Digital Collaboration

In today's business landscape, more people are working remotely. Far-flung teams work together across geographies and time zones. And your users are finding new ways to collaborate. Is your organization struggling to keep up? Download this e-book to explore the challenges of capturing and managing Slack, Microsoft...

Making the Move to Cloud-Based Archiving: A Step-by-Step Guide

Our digital world is generating a massive explosion of data coming from multiple communication channels. Legacy archiving systems are struggling to keep up. To ensure compliance, easily legal e-discovery and reduce risk, many enterprises are looking to migrate to a modern cloud-based archiving solution. It's a big...

Railway Control, Signaling & Train Protection Handbook: EN 50128 Compliance

This convenient handbook for the Functional Safety Standard EN 50128:2011 - “Railway applications - Communication, signaling and processing systems - Software for railway control and protection systems" - is all you'll need to get "on board" with this standard. Currently the systems included under EN 50128...

All Aboard! How Rail Companies Can Achieve EN 50128 Compliance

If you're not "on board" with the Functional Safety Standard EN 50128:2011 - “Railway applications - Communication, signaling and processing systems - Software for railway control and protection systems" - you'll need to run to catch up. Currently the systems included under EN 50128 include signaling, railway...

Findings From Examining More Than a Decade of Public ICS/OT Exploits

Dragos is currently tracking 3000+ Common Vulnerabilities and Exposures (CVEs) that affect ICS/OT networks. Of those, more than 400 CVEs have at least one publicly available exploit. Public exploits affect every level of an industrial environment, providing adversaries pre-packaged tools capable of infiltrating an...

Seven Steps To A Successful Digital Transformation Strategy

Digital transformation is a journey that requires a cultural, technological and operational shift that puts the end-user experience at the forefront. By migrating applications to cloud-first infrastructure and delivering services digitally, organizations have more freedom to adapt to customer and business needs. But...

eBook I 4 Ways to Bolster Cyber Risk Management and Compliance in a Covid-19 World

In 2020, 16 million COVID-19-related threats, including malicious URLs, spam, and malware were detected, according to a Trend Micro report. At the start of the pandemic, many IT and cybersecurity measures were hastily put into place to deal with the crisis. Today, organizations must take stock of these measures, and...