Cybersecurity Risk Management

Cybersecurity Insights with Contrast CISO David Lindner | 03/14/25
Insight No. 1 — We are frogs, falling asleep in security-debt stew. Companies are drowning in high-risk software security debt, with critical vulnerabilities festering for an average of 252 days before they’re ...

How the EU Product Liability Directive (EU PLD) is Changing Software Security | Contrast Security
Companies that sell software that can be used or downloaded by anyone in the European Union are facing a major new liability. Late last year, the European Commission finalized fundamental changes to ...
The Path to Clarity and Control with A Cyber Risk Assessment
The attack surface is constantly shifting—new assets, cloud services & workloads, APIs, and microservices emerge almost daily while legacy systems are retired and, hopefully, taken offline. This relentless pace creates a complex ...
Four New Balbix Capabilities You’ll Love!
Organizations today face a surge of vulnerabilities and exposures. With data on assets and exposures scattered across platforms, complexity hinders timely action. Security teams are left to manually sift through fragmented data ...
Seeing the Unseen: How Generative AI Elevates Situational Awareness in Cybersecurity
Situational awareness in cybersecurity is hard! And poor situational awareness can be disastrous in cybersecurity. For a CISO, it could mean failing to act on a critical gap in the security program, leading ...
A Cybersecurity AI Assistant: The Pricey Addition You Don’t Need—Or Do You?
You’ve probably seen all the buzz lately—announcements about cybersecurity AI assistants promising to revolutionize the way companies defend against threats. With so much noise in the industry, it’s tough to know whether ...
9 Powerful Ways AI Can Enhance Cyber Risk Management Today
TL;DR: The recent Ponemon report, sponsored by Balbix, shows that organizations recognize that artificial intelligence (AI) offers significant potential to address the cybersecurity skills gap through the automation of operational tasks, enabling ...
Ponemon Report: The Top Three AI Cyber Risks Revealed
The 2024 State of Enterprise Cyber Risk in the Age of AI report, independently conducted by Ponemon Institute and analyzed and published by Balbix, is fueled by over 20,000 answers from hundreds ...
Balbix Guide to XZ Utils Backdoor
Executive Summary: On March 29, 2024, developer Andres Freund reported the discovery of a backdoor in XZ Utils, affecting v5.6.0 and 5.6.1. XZ Utils, which provides compression tools for the .xz format, ...
Caught in the SEC dilemma: what should CISOs put in their “honest” 10-K?
The new SEC cybersecurity disclosure date is here. US public companies must provide cybersecurity disclosures that comply with new SEC regulations in 10-K filings starting December 18, 2023. Smaller companies have another ...