A risk management framework (RMF) is an organization’s security controls road map for managing its cyber risks. RMFs define how the people in an organization utilize processes to manage technology, ensure oversight, and reduce risk exposure. The framework often serves multiple purposes, from evaluating the maturity of security controls to demonstrating due diligence in securing...Read More

The recent discovery of Log4J and its widespread impact on businesses highlights the importance of scanning networks to identify and mitigate software vulnerabilities. But periodically scanning networks is the easy part of building an effective vulnerability management program. Since these “programs” aim to identify and fix software vulnerabilities, ongoing management must include a schedule of...Read More