Update on the Apache Log4j Vulnerability
A remote code execution vulnerability (CVE-2021-44228) in the Apache Log4j 2 Java library was announced on December 9th, 2021. The vulnerability has been assigned a Base Score of 10.0 Critical, [...]
A remote code execution vulnerability (CVE-2021-44228) in the Apache Log4j 2 Java library was announced on December 9th, 2021. The vulnerability has been assigned a Base Score of 10.0 Critical, [...]
In the vCISO service line at risk3sixty, we see early on in engagements that many of our clients have found themselves caught in a break/fix cycle, which reminded me of [...]
For most of my career, I’ve been responsible for environments that have leaned heavily on Mobile Device Management (MDM) to help facilitate, drive, and streamline business objectives. Much of this [...]
The vCISO Advantage At Risk3Sixty, one of the critical components we focus on with each of our vCISO clients is their incident response program (IRP). The information security professionals working [...]
So, your security team or risk management consultants have finalized your risk assessment report, calling out risks and opportunities the organization faces. The report could be aligned with one of [...]
If you have read one of our previous posts around risk assessments, you probably have a good idea of why a risk assessment matters. You’re probably also familiar with compliance [...]
The Information Risk Council (IRC), also known as the Risk Governance Council or Security Steering Committee, is a key component of an effective security program especially if aligned with ISO [...]
A GRC tool can provide many benefits to your GRC program, as we’ve discussed before. However, before you go chasing shiny objects, you must understand what a GRC program is [...]
A GRC tool can help an organization manage its governance, risk, and compliance program. But why use a GRC tool instead of managing your GRC program manually? GRC tools can [...]
After you perform a risk assessment, what do you do with the results? Find out the answers to that and other common risk assessment questions in part 2 of this series! [...]