What are the Implications of the SEC Regulating Your Cyber Risk Reporting?
What’s the news? Last month, the Securities and Exchange Commission proposed rules and amendments to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies (The SEC has opened a comment period until May 9th, 2022 before it moves towards a final decision). The ... Read More
Cybersecurity and Business: Bridging the (Widening!) Gap
The World Economic Forum, in collaboration with Accenture, recently published their 2022 Global Cybersecurity Outlook. It is based on a survey of 120 security and business leaders. The news for security leaders isn’t good. According to Jeremy Jurgens, managing director, World Economic Forum: “despite the growing cognizance of cyber risks, ... Read More
Fiddling While Rome Burns: The Danger of Legacy Risk-Based Vulnerability Management
There is an expression: fiddle while Rome burns. It refers to the legend that Emperor Nero played his fiddle while watching the inferno that turned much of Rome to ashes in AD 64. The expression is used to describe the behavior of occupying oneself with unimportant matters and neglecting important ... Read More
Of Castles, SIEM, and Security Posture Management
The queen stands on her castle wall, keen to defend her people and valuables against the gathering hordes. She wonders, has she left herself vulnerable? She assesses her defenses. First, there is the castle itself: it has a wide moat, a strong gate, and high walls. She knows that the ... Read More
Cyber Risk Quantification: Dollars and Sense
Even with dozens of cybersecurity tools and mountains of data, are you still struggling to quantify your cyber risk? If you answered yes, you are not alone. In fact, my experience suggests you are in the majority. In my conversations with CISOs over the years, they repeatedly tell me that ... Read More
CVE Remediation Is Now a Board-Level Issue:It’s Time to Automate
Balbix is in the business of helping organizations automate their security posture so they can reduce their attack surface and decrease the likelihood and impact of a breach. Automating CVE remediation plays a central role in achieving these outcomes, in fact, CVE reduction often rises to the attention of organizations’ ... Read More
Automate your Hybrid Cloud Security Posture
Your organization is likely moving to the cloud. By now you know that moving to the cloud is not like flipping a light switch: one day you’re on-premises, the next you are in the cloud. It’s a gradual process. Today every large organization has a mix of on-premises and cloud ... Read More
Announcing the New Balbix Connector for AWS
Covid-19 accelerated cloud adoption in the enterprise in an unprecedented way. With the sudden move to remote work, organizations were forced to adopt cloud technologies to facilitate how we communicated, how we collaborated, and how our business was managed and operated, in a very short time. Our businesses needed not ... Read More
Security Posture Automation: DIY or MSSP
Security teams are inevitably overwhelmed and short on time. This is especially true when it comes to managing their organization’s security posture where they face three major challenges: An exploding attack surface A patch management program hasn’t kept up with the rapidly changing threat landscape Not enough people resources To ... Read More
How AI Can Help Secure Your Enterprise and Close the Skills Gap
Over the past few years, more and more businesses have incorporated artificial intelligence (AI) and machine learning into their products or services, which increasingly begs the questions, “Will AI replace human jobs?” and, “Should we all be worried?” Even though AI is the newest culprit, concerns over technology replacing humans ... Read More
