Analyzing the Cybersecurity Hygiene of Ransomware Victims

Any company operating a modern information technology environment can fall victim to system-encrypting ransomware. But not every company has fallen victim. Do companies that experience an operations-impacting ransomware event have poor cybersecurity hygiene? Or is the quality of cybersecurity hygiene not a factor in the frequency of ransomware events? To answer these questions, RiskRecon analyzed…

Read More

SecurityScorecard Grades the RH-ISAC Community

RH-ISAC recently partnered with Associate Member SecurityScorecard to produce a report that details the most common vulnerabilities, critical severity issues, and malware strains observed among RH-ISAC member companies. SecurityScorecard is the global leader in cybersecurity ratings, which are used for self-monitoring, third-party risk management, board reporting, and cyber insurance underwriting. SecurityScorecard provides companies with an…

Read More

Reducing Third-Party Risk with Continuous Monitoring

According to a recent study by SecureLink and Ponemon Institute, 51% of organizations have experienced a data breach caused by a third-party. Despite the growing risk third parties pose however, many companies are still not making securing these relationships a priority. The key to effectively mitigating your third-party risk is making it a continuous process,…

Read More

Top Three Focus Areas for CISOs in 2021

In a year that tested our resolve, the RH-ISAC community was resilient. The COVID-19 pandemic altered business-as-usual operations, changing the ways consumers shop and travel, and how employees work. Many of our members were forced to reduce staff and contractors, financially de-prioritize large capital and long-term projects, and delay initiatives that would have contributed to…

Read More

The Threat of Online Skimming to Payment Security

Below we cover basic questions with PCI SSC Chief Technology Officer Troy Leach about a newly released bulletin by the PCI SSC and RH-ISAC on the topic of digital skimming and how to detect and prevent this dangerous threat. For more information about best practices for detection and prevention, review the full bulletin here. Q. …

Read More