Cybersecurity, risk and compliance news and thought leadership

What is vulnerability lifecycle management?

The latest version, ISO 27001 2022 was released on October 25. It replaces the 2013 version of ISO 27001. Let’s find out what the key changes are and how the latest revision to..

While NIST CSF and NIST Special Publication 800-53 have some overlap, they serve different purposes and are not subsets of one another. However, these frameworks can be used..

Risk identification helps project managers and organizations identify potential risks that may impact the success of a project or the overall business. By identifying these risks,..

What is a risk register? A risk register is a tool used to identify, assess, and prioritize risks in an organization. It typically includes a detailed description of each..

What is cybersecurity risk management? Cybersecurity risk management is a crucial procedure that revolves around recognizing, evaluating, and addressing potential risks to an..

The ASD Essential Eight strategies are used by organisations to improve their cybersecurity posture. Here are some common questions about the cybersecurity framework. What is ASD..

There has been an increase in the number of risk incidents and security breaches over the last decade. This, combined with stringent regulatory compliance requirements is pushing..

Vendor risk management is the process of identifying, assessing, and mitigating the risks associated with using third-party vendors. It involves conducting due diligence on..

According to a Ponemon report, 51% of organisations have experienced a data breach due to the involvement of a third-party entity. Vendor risk assessment is a key step in..

Risk management is a fundamental practice that organizations employ to identify, assess, and mitigate potential threats that may hinder their ability to achieve objectives..

Governance, Risk and Compliance (GRC) helps align IT activities, risk management, and compliance with governance processes to achieve business goals.