How Old Vulnerabilities Introduce Zero-Day Risks
How Old Vulnerabilities Introduce Zero-Day Risks Earlier this year a joint cybersecurity advisory from U.S and allied cybersecurity authorities identified the top exploited vulnerabilities and exposures (CVEs) of 2021. We noted in a blog post about the advisory that out of the vulnerabilities on the list, 25% of them were identified in 2020 and earlier […]
What To Know About The Top 15 Exploited Vulnerabilities
What to Know About the Top 15 Exploited Vulnerabilities A recent joint cybersecurity advisory from U.S and allied cybersecurity authorities identified the top exploited vulnerabilities and exposures (CVEs) of last year. Out of the 15 vulnerabilities that made the list, which we’ve placed below, it is interesting to see 11 of the 15 are from 2021. There […]
Four Questions Your Board Will Ask You About Cyber Risk
Four Questions Your Board Will Ask You About Cyber Risk Board members today are increasingly concerned with cybersecurity risks. Recent Gartner research found “Eighty-eight percent of Boards of Directors (BoDs) view cybersecurity as a business risk, as opposed to a technology risk, according to a new survey* from Gartner, Inc.” It’s not surprising given the […]
How Integrated Cyber Risk Management Helps Your Organization
In today’s world, organizations need to have accurate and complete visibility into their entire asset inventory, associated vulnerabilities, and threat landscape, including third-party risks, to understand their complete risk exposure levels to develop a plan for improved cyber risk management outcomes. The problem is, there are a lot of risk management solutions that claim to […]
Cyber Risk Scoring- The FortifyData Scoring Methodology
A cyber risk score, also known as a security rating, is a benchmark score or rating of an organization’s level of risk exposure based on the liabilities related to cybersecurity and IT vulnerabilities. These vulnerabilities can include attack surface (external), internal vulnerabilities (patching, IOCs, port management, etc.), human and environmental risk, vendor/third party risk management […]