Risk assessments, metrics and frameworks

Get the help you need with your security risk assessments with this resource guide. Get the latest news, advice and analysis on risk assessment frameworks and metrics for enterprise security programs and discover which ones are right for your business.

New & Notable

Download this free guide

Your Guide to Info Sec Certifications

We’ve collected 30+ certifications for you. Which vendor-neutral and vendor-specific security certifications are best for you? Save time by downloading our list organized by experience level.

Corporate E-mail Address:
You forgot to provide an Email Address.
This email address doesn’t appear to be valid.
This email address is already registered. Please login.
You have exceeded the maximum character limit.
Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

Risk assessments, metrics and frameworks News

June 01, 2018 01 Jun'18
Federal cybersecurity report says nearly 75% of agencies at risk

The 'Federal Cybersecurity Risk Determination Report and Action Plan' shows the majority of federal agencies are at risk, and DHS suggests a lack of leadership may be to blame.
March 09, 2018 09 Mar'18
Tenable introduces Lumin cyber exposure platform

Tenable.io Lumin enables organizations to gauge their 'cyber exposure' to vulnerabilities and allows them to compare remediation efforts against industry benchmark data.
February 19, 2018 19 Feb'18
Risk & Repeat: Cyberinsurance market gets a shake-up

In this week's Risk & Repeat podcast, SearchSecurity editors discuss a new industry partnership designed to give Apple and Cisco customers beneficial cyberinsurance policies.
October 03, 2017 03 Oct'17
DHS cyberinsurance research could improve security

A longitudinal cyberinsurance study performed by the Department of Homeland Security could improve enterprise security but the effects depend on the data collected, said experts.

View All News

Risk assessments, metrics and frameworks Get Started

Bring yourself up to speed with our introductory content

cybersecurity

Cybersecurity is the protection of internet-connected systems, including hardware, software and data, from cyberattacks. Continue Reading
How cybersecurity risk fits into enterprise risk management

In security, perfection is impossible, but risk management frameworks plus a range of strategies can significantly reduce your organization’s risk. Continue Reading
Cyber-risk strategies and models for a post-perimeter age

Cyber-risky business: The notion of the security perimeter has grown quaint. If a firewall is insufficient, where does IT turn to answers on how to protect assets? Continue Reading

View All Get Started

Evaluate Risk assessments, metrics and frameworks Vendors & Products

Weigh the pros and cons of technologies, products and projects you are considering.

Using threat intelligence tools to prevent attacks on your enterprise

Using threat intelligence tools can help your enterprise stay one step ahead of attackers and possible threats. Learn how threat intelligence can be used in your company. Continue Reading
Applying the new FDA medical device guidance to infosec programs

New FDA medical device guidance demonstrates the need for better cybersecurity during manufacturing and use. Expert Nick Lewis explains how enterprises can use the recommendations. Continue Reading
How a threat intelligence platform can anticipate future attacks

Threat intelligence technology can analyze data to forecast future attacks and provide actionable countermeasures. Learn if it is suitable for your enterprise. Continue Reading

View All Evaluate

Manage Risk assessments, metrics and frameworks

Learn to apply best practices and optimize your operations.

How to use the OODA loop to improve network security

The OODA loop can be used to establish cyber deception against hackers to improve network security. Learn the OODA steps and how they can be applied to security with Kevin Fiscus. Continue Reading
Entropy sources: How do NIST rules impact risk assessments?

NIST recently released new guidance on entropy sources used for random bit generation. Judith Myerson explains these recommendations and how they alter cryptography principles. Continue Reading
Vulnerability scans: How effective are they for web apps?

Equifax's Apache Struts vulnerability was an example of a scan not being read correctly. Kevin Beaver explains vulnerability scans and how issues can be missed by security teams. Continue Reading

View All Manage

Problem Solve Risk assessments, metrics and frameworks Issues

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

Zero-trust model promises increased security, decreased risk

The zero-trust model takes focused and sustained effort, but promises to improve most companies' risk posture. Learn what it takes to get the most out of zero trust. Continue Reading
How can enterprises leverage Google's Project Wycheproof?

Google's Project Wycheproof tests crypto libraries for known vulnerabilities, but there are potential drawbacks to this tool. Expert Matthew Pascucci explains them. Continue Reading
Monitoring outbound traffic on your network: What to look for

Outbound network traffic remains a weakness for many enterprises and is a major attack vector. Expert Kevin Beaver explains how to spot irregular occurrences in your network. Continue Reading

View All Problem Solve