ZenGRC

Simply Powerful GRC

Home » Resource Center » Blog

Blog

Found 1512 Results
Page 42 of 152

NIST’s New Draft for Ransomware Risk Management


Learn the latest about NIST’s new preliminary draft for a ransomware risk management framework. Cyberattacks against businesses of all sizes are at all-time highs. Data from 2021 and projections for the future of cybersecurity suggest that the frequency and intensity of these attacks will only continue to grow. At the forefront of most cyberattacks in […]

ransomware risk management

May 29, 2023

What You Should Know About the New Cyber Security Evaluation Tool Model


Discover the changes CISA has made to their Cyber Security Evaluation Tool and what it could mean for your business. What Is a Cybersecurity Evaluation? A cybersecurity evaluation is the assessment (or audit) of an organization’s IT systems, processes, and procedures to detect and identify potential vulnerabilities and security breach risks. The goal is to […]

cyber security professionals working on computers

May 26, 2023

How to Automate Cyber Risk Quantification


The attack surface for most organizations is constantly expanding, and security teams struggle to decide which parts of that surface deserve priority for effective risk mitigation. Traditional methods of ranking risks such as malware and ransomware on a high-, medium-, low- scale have unraveled as different people interpret those categories differently. What’s needed: more accurate […]

cyber risk measurement chart

May 24, 2023

What Are the Different Types of Risk Assessments?


Risk assessments are a critical step in the risk management process. To protect your company properly, you must first determine the threats you face and the damage each threat could cause. That’s what a risk assessment attempts to determine. If you plan on performing risk assessments at your company, keep reading to learn more about […]

Businessman and businesswoman working together to protect clients confidential information and cyber security

May 22, 2023

What is the First Step in Security Awareness?


Security awareness is the process of providing your workforce with cybersecurity training and education so that they understand the importance of security in their daily work routines. It’s a critical part of cybersecurity overall. That security awareness training includes examining a variety of information security threats and demonstrating your organization’s security policies and procedures for […]

man tapping digital lock on touchscreen

May 19, 2023

Security Exception vs. Risk Acceptance: What’s the Difference?


Businesses face an endless stream of security concerns. Internal controls and security procedures help, but not every risk can be managed out of existence. To build a sustainable security program, executives need to rely on risk acceptance and security exceptions to keep operations running, and to placate stakeholders as much as possible. Although those two […]

multiple user icons in a row with one having a checkmark

May 17, 2023

Cybersecurity Risks in Hybrid Working Environments


Many companies now operate in a hybrid work environment. The term encompasses any number of specific workplace arrangements, but ultimately refers to a more flexible environment where employees spend a significant amount of time not in the office. So what are the implications of that shift for cybersecurity? Clearly hybrid work environments have a greater […]

people working together at a desk

May 15, 2023

Page 42 of 152

Ready to Experience Simply Powerful GRC?

×