ThreatWorx Attenu8 – Vulnerability Prioritization aligned with CISA SSVC
Much has been said about vulnerability prioritization by different cybersecurity vendors, but the absence of a standard guide from an authoritative source had left much to be desired. Well that wait of now over, Cybersecurity and Infrastructure Security Agency (CISA) recently published the CISA Stakeholder-Specific Vulnerability Categorization (SSVC) guide. It is basically a customized decision tree […]
Top 5 cybersecurity myths busted!
Cybersecurity landscape is laden with myths and misconceptions. In this article we will look at top 5 myths for a good “reality check”. Myth #1 – Poor proactive security is acceptable as long as you have good reactive cybersecurity. Reality #1 – Good focus on proactive cybersecurity ensures good cybersecurity posture for the organization. Sadly this is […]
Beyond risk-based cybersecurity…
A 2019 article from McKinsey titled “The Risk-based Approach to Cybersecurity” talked about the need for organizations to move from a “maturity-based” to a “risk-based” approach to cybersecurity. First let us get clarity on some definitions from that article here. Cyber risk is just another kind of operational risk and cyber risk is not the same as cyber threat. […]
How cyber insurance can incentivize cyber security?
In the previous article, we saw how taking a Proactive Approach to Cyber Security is key and how it relates to Cyber Insurance. In this article we will see how cyber insurance can incentivize better cyber security practices amongst policy holders. RUSI (Royal United Services Institute) for Defense and Security Studies published a paper titled “Cyber Insurance […]