What exactly happens to the information you share with these bots, and what risks are you unwittingly exposing yourself to? Here's a breakdown of how these tools handle your information: Data Collection: Chatbots process the text inputs you provide to generate relevant responses. You know, to improve their services.
Understanding the Evolution of Ransomware Attacks Traditional ransomware attacks focused on encrypting active production data, the information businesses use daily in their operations, or live data, such as customer databases, financial records, and email systems. Even more concerning, these attempts succeeded 60% of the time.
Managing cybersecurity risks and vulnerabilities is a critical activity for any robust security program. Risk management and vulnerability management are performed in tandem to help keep your network safer and more secure. What Is a Vulnerability? Managing Vulnerabilities in Your Environment.
No decryption keys, no restoring your files, just the gut-wrenching fear of seeing your private information splashed across the dark web and facing a public data breach. Reputational Damage And Loss Of Trust If hackers leak your client or employee data, it's not just about losing information, it's about losing trust.
In December, a critical zero-day vulnerability was reported in the widely used Log4j framework. Log4j is so ubiquitous, in fact, that Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly called this “the most serious vulnerability I have seen in my decades-long career.” And that’s the key to the vulnerability.
Vulnerability management is the practice of identifying and mitigating the weaknesses in an organization’s people, processes, and technology. I like doing vulnerability assessments. I think vulnerability management is bigger than that. Identifying and mitigating such situations is what vulnerability management is all about.
The impersonator also has gained access to Uber's HackerOne account which is used by the Cyber Security Community (Ethical - The Good Guys) to report other security vulnerabilities in the platform. Over the next couple weeks watch your credit cards, and any other accounts that used that same password (should be none) for unusual activity.
It’s important to promote a safe learning environment for every student and protect the teachers, staff and visitors in our schools, and SIA appreciates the many talented security professionals who are working diligently each day to enhance the safety and security of our schools and mitigate active shooter threats.
lifts [elevators] blocked: people possibly trapped in them trains stranded: people possibly stranded in them traffic control inoperable: possibility of accidents and queues at road junctions critical facilities (hospitals, police stations, etc.)
Data breaches often exploit vulnerabilities in software, weak passwords, or insider threats to gain access to critical systems and exfiltrate data. Cybercriminals exploit vulnerabilities in outdated systems or through advanced persistent threats (APTs). To fix these vulnerabilities: 1.
But what if I told you that your office printer (yes, the one quietly humming in the corner) could be one of the biggest vulnerabilities in your entire network? They process everything from payroll documents and contracts to confidential client information. It sounds ridiculous, but hackers love printers. Wait, WHY Target Printers?
They’re used to track system activity to detect anomalies, contain threats, and serve as crucial forensic evidence. If your ingestion (collection) and processing speeds are too slow, you don’t receive complete information in real time, which creates data gaps. This illustrates how a lot of storage exists now.
Key activities in this stage include: Risk analysis: Conducting a comprehensive analysis of the organization’s operations to identify potential threats and assess their probability and potential impact.
Assessing Ransomware Risk with the Pure Storage Security Assessment by Pure Storage Blog Summary The Pure Storage Security Assessment is a comprehensive evaluation tool that helps organizations identify and address vulnerabilities in their storage environment and offers actionable steps to help them reduce exposure to threats.
On the other, it provides cybercriminals with sophisticated tools to exploit vulnerabilities. These emails can trick even the most vigilant users into revealing sensitive information. Automated vulnerability scanning AI-powered tools can scan vast networks for vulnerabilities at an unprecedented speed.
Employees download and use unauthorized apps, software and cloud services, often with good intentions, but in reality they're creating massive security vulnerabilities without even realizing it. We'll identify vulnerabilities, flag security risks and help you lock down your business before it's too late. What Is Shadow IT?
During disasters, distracted, weakened, and vulnerable businesses and individuals are easy targets for cyber criminals. Additionally, the vulnerability of critical infrastructure like power grids, communication networks, and transportation systems during times of crisis makes them prime targets for state-sponsored cyberattacks.
Manual vendor management creates critical vulnerabilities through fragmented documentation and inconsistent security assessments. With each vendor potentially having access to protected health information (PHI), the challenge of managing third-party risk has become more complex and consequential than ever before.
Security Note: Collaboration tools can be a target for cyberthreats, especially when teams share sensitive information. Security Note: Data analytics tools handle large volumes of sensitive business information, making them a potential target for breaches. If needed, explore advanced options for deeper insights.
As a trusted advisor, you face the challenge of assembling information across functions and levels while maintaining a comprehensible picture of risk. These are questions that risk managers often grapple with when trying to provide the Board with the information they need. This creates a linear alignment of risk, activity, and goal.
The threat of an active assailant incident, while not new, remains a significant focus for organizations striving to protect their people and property. Organizations must assess their current vulnerabilities and tailor their plans to address specific threats, including potential active assailant incidents.
Trending sessions include: Two Worlds Colliding: How to Prevent Cyber-Physical Attacks Join us on The Bridge where two worlds will collide in a special chief information security officer roundtable on cyber-physical attacks. Find the full SIA Education@ISC schedule and event information here. For more information visit [link].
Security Information Event Management (SIEM), vulnerability scanning/remediation, Intrusion Detection Systems/Controls, Security Operations personnel etc.) Need more information about FedRAMP? This can significantly reduce the time and effort needed during the assessment phase. Request a demo today. New to FedRAMP?
Effective protection of the asset, whatever it may be, and convenience of the operational security procedures of the perimeter do not need to be mutually exclusive if we approach the proposed solution in an informed way. We aim to expand the Perimeter Security Subcommittee to include all aspects of perimeter security in addition to barriers.
For more information about FedRAMP compliance requirements, read our guide on How to Comply with FedRAMP: A Practical Guide to Authorization The post The Role of GRC Software in FedRAMP Compliance: Essential Features and Benefits appeared first on ZenGRC. Ready to transform your approach to FedRAMP compliance? Request a demo today.
One impactful group in this ongoing battle is the Common Vulnerabilities and Exposures Program (CVE). Spearheaded by the MITRE Corporation, CVE is a crucial framework for identifying and managing vulnerabilities across various systems. Risk mitigation: Identifying vulnerabilities is the first step towards mitigating risks.
The Need for Effective Ransomware Detection Ransomware attacks can strike businesses of all sizes and industries, wreaking havoc on their operations and leaving them vulnerable to extortion. Traditional security measures are no longer sufficient, since cybercriminals constantly evolve their tactics to bypass defences.
In this feature, Continuity’s CTO Doron Pinhas offers CISOs rely on information from across the organization about security, particularly from the various IT departments. Unfortunately, the information being fed to CISOs about the state of cybersecurity risk is incomplete. There is a blind spot present – a gaping hole.
As a practical activity, enterprise risk management (ERM) centers on eight distinct risk domains, some strategic and some operational. Technological: Addresses risks concerning technology infrastructure, data security, cyber threats, and information breaches, safeguarding against technological disruptions.
For example, Article 30 mandates maintaining detailed records of processing activities (ROPAs), while Article 35 requires Data Protection Impact Assessments (DPIAs) for high-risk processing. Teams often spend hours each week updating spreadsheets, cross-referencing information, and ensuring documentation remains accurate.
MSPs without a thorough understanding of legal obligations may find themselves vulnerable to lawsuits and significant financial losses, emphasizing the need for legal expertise in their operations. The FTC and CFPB will become less activist, and state Attorneys General will become more active.
Earning the SICC demonstrates a high level of competence in physical, cyber and information security; learn more and get started here. You’ll learn key concepts covered on the SICC exam such as device security, software assurance, information security principles and more. SIAcademy LIVE! 5, join us for the next SIAcademy LIVE!
Your team information is audit-ready at all times. Weak encryption or poor access controls can leave your data vulnerable to breaches. The more access you have to information, the easier it is to address risks proactively. AI can rank potential compliance issues or flag unusual activity in access permissions.
Eliminating or resolving the threat is tempting but it often prevents the opportunity to analyze the threat actor’s actions, which can reveal a lot about their intent, target, and strategy, as well as the company’s own vulnerabilities. Scanning security measures will help identify any immediate gaps or vulnerabilities in your attack surface.
There’s no better way to achieve an ambitious, difficult goal such as moving an organization from a state of vulnerability to one of resilience than by breaking that journey down into steps, putting those steps into a sensible order, and tackling the steps one-by-one on a phased timetable. We think they’re essential.
In this article I’ll start with the before of an attack and discuss what you should do and have in place to ensure you’re closing the gaps that create vulnerabilities and in-roads for attackers. Poor password management practices and improperly secured endpoint devices can create vulnerabilities. What Happens Leading Up to an Attack?
Could a fish tank thermometer be a portal hackers exploit to steal your customers’ financial information? This can create cyber vulnerabilities due to issues like lack of encryption, substandard authentication processes, or failure to provide timely security updates.
These sectors are typically identified by governments and international organizations and are recognized as critical because they are vulnerable to physical and cyber threats and attacks that could cause significant harm or disruption to society. This can be anything from passwords being leaked to legacy systems that have not been updated.
Once inside, they’ll access, steal and possibly leak sensitive information. They expose confidential information, which affects company reputations and leads to legal issues. Without the tools to uncover these interconnected risks, businesses could be exposed to dozens of vulnerabilities.
Whether you’re safeguarding cloud workloads or securing petabytes of mission-critical data, the wisdom shared here is designed to inform, inspire, and elevate your data resilience strategy. Without proper oversight, sanctioned and unsanctioned SaaS applications can leave sensitive business information exposed.
Threat modeling is the process of identifying potential threats and vulnerabilities in a system and determining the likelihood and impact of each threat. Assets that are vulnerable to spoofing include usernames, passwords, and digital certificates. What Is Threat Modeling? This can be a serious threat to confidentiality and privacy.
Their skills should include vulnerability diagnostics, digital forensics, the ability to analyze memory dumps and malware, and the ability to use analysis tools to perform a correlation analysis of security events. Collecting and analyzing evidence of malicious network activity. Information Security (InfoSec).
If a breach happens, cyber insurance can help cover: Notification Costs: Informing your customers about a data breach. These are foundational tools to reduce the likelihood of an attack and show that your business is actively working to protect its data. For small businesses, this can be an essential safety net.
Related on MHA Consulting: How to Get Strong: Unlocking the Power of Vulnerability Management The Practice of Vulnerability Management Last week, MHA CEO Michael Herrera wrote a blog about vulnerability management, the practice of identifying and mitigating the weaknesses in an organization’s people, processes, and technology.