CVE and Cloud Services, Part 1: The Exclusion of Cloud Service Vulnerabilities

CVE and Cloud Services, Part 1: The Exclusion of Cloud Service Vulnerabilities

The vulnerability management process has traditionally been supported by a finely balanced ecosystem, which includes such stakeholders as security researchers, enterprises, and vendors. At the crux of this ecosystem is the Common Vulnerabilities and Exposures (CVE) identification system. In order to be assigned an ID, vulnerabilities have to fulfill certain criteria. In recent times, these [...]

A Prominent Place at the Table for Rural Technological Advancements

A Prominent Place at the Table for Rural Technological Advancements

When the general public thinks about today’s exciting technological breakthroughs, the imagery that springs to mind is unlikely to be a crowded pigpen in China or yam fields in the farmland of Nigeria. Yet, rural areas are the frontlines for some of the most important gains technology is enabling in modern society. The growing imprint [...]

Policy Q&A: The Basics of the NIS Directive

Policy Q&A: The Basics of the NIS Directive

In this Q&A, Danielle Kriz, senior director of Global Policy, and Fred Streefland, senior manager of Product Marketing for EMEA, cover the basics of the EU’s Network and Information Security Directive and what it might mean for organizations. Fred: Let’s talk about a new cybersecurity law in the European Union, the Network and Information Security (NIS) [...]

Five Keys for Adaptive IT Compliance

Five Keys for Adaptive IT Compliance

The fluid technology and regulatory landscape calls on IT compliance professionals to be more flexible and proactive than in the past to remain effective, according to Ralph Villanueva’s session on “How to Design and Implement an Adaptive IT Compliance Function,” Monday at the 2018 GRC Conference in Nashville, Tennessee, USA. The IT compliance function serves as an [...]