Media Coverage

June 14, 2018 | Albuquerque Business First, Collin Krabbe

The Albuquerque office of RiskSense, a cybersecurity vendor, is on the hunt for new employees. The company will search for candidates through a "speed dating" style event to be held on June 28 in conjunction with other local companies.    Read Full Article

June 1, 2018 | StateScoop, Benjamin Freed

Cybersecurity continues to be a struggle for most state governments, but a report from New America highlights novel approaches in Arizona, New Jersey, and Washington.    Read Full Article

May 15, 2018 | IoT Innovator, Dylan Davis and Sean Dillion

Internet of Things (IoT) and Industrial Internet of Things (IIoT) devices can provide great value by handling tasks with precision, consistency, and accountability that can never be achieved by human labor. Unfortunately, these devices can also create huge risk; they are often susceptible to numerous categories of security vulnerabilities and consequently attacked by hackers.    Read Full Article

May 14, 2018 | GNC, Matt Leonard

Arizona did not have much visibility into its cybersecurity vulnerabilities when Mike Lettman arrived six years ago. Since then, the state's chief information security officer has been able to evaluate the security posture for individual assets, network and applications, across agencies and the state's network as a whole, Lettman said.    Read Full Article

May 2, 2018 | Light Reading

Sage Wagner, senior security pre-sales engineer at RiskSense, provides a demo of the company's latest technology, 'RiskSense Solution', a vulnerability management and cyber risk platform, which helps companies manage their cyber risks through their vulnerabilities.    Read Full Article

May 2, 2018 | ITSP Magazine, John Dasher

ITSP magazine's John Dasher chats with Sage Wagner from RiskSense during RSA Conference 2018 in San Francisco to discuss how to help organizations understand their attack surfaces and quantify their risks, allowing for rational prosecution of vulnerabilities and threats, as well as determining the effectiveness and prioritization of security investments.    Read Full Article

April 30, 2018 | Supply Chain Dive, Barry Hochfelder

High tech has reached the high seas, and there are no safe harbors. That point was made very clear in a recent webinar hosted by the National/International Maritime Law Enforcement Academy and presented by RiskSense, a New Mexico-based cybersecurity practitioner.    Read Full Article

April 11, 2018 | Cybersecurity Insiders

Making sense of increasing amounts of complex data is a challenge in many industries. Cybersecurity professionals must manage data generated by the countless systems in your network. Feeds from disconnected, siloed tools must be normalized and analyzed so SOC teams can appropriately prioritize remediation efforts. And that's where RiskSense comes in.    Read Full Article

April 9, 2018 | State Scoop, Benjamin Freed

All of the State's 133 state agencies will use New Mexico-based firm RiskSense to monitor their exposure to cyberattacks.    Read Full Article

March 23, 2018 | SDxCentral, Jessica Lyons Hardcastle

Netflix this week said it's taking its bug bounty payouts public with Bugcrowd. It joined the likes of Cisco Meraki, Fitbit, and Square, which also recently started using the crowdsourced security program to pay, ahem, "researchers" (read: hackers) to find and report security vulnerabilities in its products.    Read Full Article

March 20, 2018 | American Security Today, Tammy Waitt

RiskSense, a pioneer and market leader in pro-active cyber risk management is pleased to announce the RiskSense Platform has been nominated to compete in the 2018 'ASTORS' Homeland Security Awards Program.    Read Full Article

March 4, 2018 | Anand Paturi, ITSP Magazine

Managing cyber threats has never been more challenging. Breaches, hacks and malware are daily problems for organizations. Not only are threats growing in frequency and severity, they are becoming more sophisticated, making it extremely difficult for organizations to identify and stop them, and to determine which ones need to be prioritized for remediation.    Read Full Article

March 2, 2018 | Crain's Silicon Valley, Jonathan Cassell

If I knew then...In this ongoing series, we ask executives, entrepreneurs and business leaders about mistakes that have shaped their business philosophy. Today's subject is Dr. Srinivas Mukkamala, Co-Founder and CEO, RiskSense Inc.    Read Full Article

March 1, 2018 | Benjamin Cloutier

Governor Susana Martinez Announces Vitality Works Expanding, Creating Up To 80 New Jobs    Read Full Article

February 10, 2018 | CB Insights

Our infographic highlights the top cybersecurity startup by funding in each state, including two unicorns - California's Tanium and Michigan's Duo Security.    Read Full Article

January 2, 2018 | Security Current

Srinivas Mukkamala grew up in India, where he attained his undergraduate degree in Computer Sciences and Engineering. His focus of study was artificial intelligence (AI). He began his career working as an intern for the Indian Space Research Organisation, the space agency of the Government of India, working on artificial neural networks for space trajectory.    Read Full Article

December 27, 2017 | Dark Reading, Anand Paturi

Determining the financial impact of specific IT vulnerabilities is a good way to prioritize remediation and prevent attacks.    Read Full Article

November 1, 2017 | Venture Beat, Ken Elefant

Machine learning and artificial intelligence are timely subjects that spark the public imagination. In 2016, between $26 billion and $39 billion was invested in AI, according to recent estimates from the McKinsey Global Institute, a leading private-sector think tank. That number is three times the amount spent just three years prior, an increase driven by entrepreneurial activity and technological advancements.    Read Full Article

October 25, 2017 | IT World Canada, Howard Solomon

CISOs are holding their breath and hoping that the latest ransomware strain being detected in Eastern Europe and Russia isn't the beginning of a widespread campaign. The strain, dubbed Bad Rabbit, masquerades as an Adobe Flash update.    Read Full Article

October 17, 2017 | Dark Reading, Jai Vijayan

Products from Lenovo, HPE, Google, Microsoft, and others impacted by flaw in Infineon chipset. The set of key reinstallation vulnerabilities disclosed Monday in the WPA2 protocol is actually the second disclosure in recent days to hammer home just how difficult it can be getting cryptography right.    Read Full Article

October 16, 2017 | IT World Canada, Howard Solomon

Infosec pros around the world are reacting with dismay to a report of a serious vulnerability in their WiFi networks that could endanger the enterprise.    Read Full Article

October 12, 2017 | Dark Reading, Jai Vijayan

It's unclear what happened in the reported theft of NSA data by Russian spies, but an attacker would need little help to steal if he or she had privileged access to an AV vendor's network, security experts say.    Read Full Article

October 2, 2017 | SC Media, Doug Olenick

There isn't a cybersecurity professional in the world that is not sick and tired of hearing about WannaCry and NotPetya, and with good reason as the NSA's EternalBlue exploit and DoublePulsar backdoor tool were known to the cybersecurity community well before either attack was launched.    Read Full Article

September 25, 2017 | Kevin Robinson-Avila, Albuquerque Journal

Cybersecurity experts say the massive breach of credit-reporting company Equifax Inc.'s data systems may be a needed wake-up call to galvanize business and government into much more aggressive action to protect online data in today's hyperconnected cyber world.    Read Full Article

September 15, 2017 | Asia Pacific Security Magazine

Finalists have been announced for six categories of the prestigious IoT and Cloud Innovation Awards 2017. There are now SIX categories, judging by IT gurus, VCs, technology media and analysts. For each of the Hot Start Up award categories, three finalists have been announced, in alphabetical order, as follows: Hot Start Up - CyberSecurity: Javelin Networks, RiskSense and Zimperium.    Read Full Article

September 14, 2017 | Albuquerque Business First, May Ortega

With the recent Equifax data breach that left 143 million people's information vulnerable, business owners have been looking for ways to protect themselves. Some of those became clear at Albuquerque Business First's Cybersecurity Summit.    Read Full Article

September 8, 2017 | Albuquerque Journal, Kevin Robinson-Avila

New Mexico Credit Union Association CEO Paul Stull is rallying the state's credit unions into action to aggressively push for federal standards to protect consumers against cyber crime following credit-reporting company Equifax Inc.'s announcement Thursday of a potentially massive breach of its data systems.    Read Full Article

August 14, 2017 | Security Guy Radio

Chuck Harold and Cherise Gutierrez from Security Guy Radio discusses cyber security, risk management, and the growing attack surface with RiskSense CEO Dr. Srinivas Mukkamala, live at Black Hat USA 2017    Read Full Article

August 14, 2017 | ThreatPost, Michael Mimoso

Between Conficker and WannaCry, there was a nearly a decade when network worms went dark. WannaCry changed that, riding into enterprises globally on the coattails of a leaked nation-state exploit. In the months since the May 12 ransomware attack, vendors, researchers and network admins have been on edge looking in corners and under couches for wormable bugs.    Read Full Article

August 11, 2017 | Albuquerque Business First, May Ortega

In a show of progress, Albuquerque-based RiskSense has hired its first-ever chief technology officer, the company announced Thursday. Danny Quist, formerly head of security operations and engineering for Bechtel Corp., has joined the New Mexico company's highest ranks.    Read Full Article

August 8, 2017 | Dark Reading, Kelly Sheridan

When researchers find vulnerabilities that leave older systems exposed, should the software giant create patches or encourage upgrades? Experts weigh in.    Read Full Article

August 7, 2017 | CyberScoop, Shaun Waterman

In the fast-growing cybersecurity insurance market, underwriters face a uniquely complex problem: measuring or estimating the risk their policy-holders face from cybercrooks, online spies and other hackers.    Read Full Article

August 4, 2017 | Bleeping Computer, Catalin Cimpanu

Microsoft has declined to patch a vulnerability in the Server Message Block (SMB) file sharing protocol that affects all versions of the Windows operating system released in the past two decades, since Windows 2000. The vulnerability is named SMBLoris and was discovered by two RiskSense security researchers - Sean Dillon and Jenna Magius - while exploring the NSA's EternalBlue SMB exploit back in June.    Read Full Article

August 3, 2017 | WindowsReport, George Finley

After the recent cyber attacks Petya and WannaCry, Microsoft recommended all Windows 10 users to remove the unused but still vulnerable SMBv1 file sharing protocol from their machines to stay safe. Both variants of the ransomware used this particular exploit to replicate through network systems.    Read Full Article

August 2, 2017 | IT Business Edge, Carl Weinschenk

Last week, Malwarebystes released the Second Annual State of Ransomeware Report, which was conducted on its behalf by Osterman Research. The study looked at 1,054 companies with 1,000 or fewer employees in North America, France, the UK, Germany, Australia, and Singapore.    Read Full Article

August 1, 2017 | Slash Gear, JC Torres

Most of the time, when software vendors receive a report of a vulnerability, especially a serious one, they usually move swiftly in order to plug up the hole. There are time, however, when a vendor might decide that the cost of patching up the vulnerability and distributing that fix is far more trouble than it is worth.    Read Full Article

August 1, 2017 | Dark Reading, Kelly Sheridan

Researchers at both conferences demonstrated workaround and flaws in application and services including Office 365, PowerShell, Windows 10, Active Directory and Windows BITs.    Read Full Article

July 31, 2017 | IT World Canada, Howard Solomon

The annual Black Hat and Def Con security conference in Las Vegas have wrapped up after more presentations of interest to CISOs. Following our earlier roundup of a few of them, here's more highlights.    Read Full Article

July 31, 2017 | On MSFT, Laurent Giret

Following the recent WannaCry and Petya ransomware attacks, Microsoft recommended all Windows 10 users to remove the unused but vulnerable SMBv1 file sharing protocol from their PCs. This is because both variants of the ransomware actually used the same SMBv1 exploit to replicate through network systems, even though it seems that Petya mostly affected Windows PCs in Ukraine.    Read Full Article

July 30, 2017 | The Register, Richard Chirgwin

A Windows SMB vulnerability revealed late last week at DEF CON won't be patched because Microsoft says the service should be firewalled off from the internet anyway.    Read Full Article

July 26, 2017 | ThreatPost, MICHAEL MIMOSO

A 20-year-old Windows SMB vulnerability is expected to be disclosed Saturday during a talk at DEF CON. Microsoft has said it will not patch the vulnerability, which allows an attacker to remotely crash a Windows server with relative ease using only 20 lines of Python code and a Raspberry Pi.    Read Full Article

July 21, 2017 | DarkReading

Cyber risk management leader announces new offering to cover emerging technologies and environments including smart logistics systems, Internet of Things, and automotive control systems.    Read Full Article

July 13, 2017 | CNBC

The fight to diversify New Mexico's economy is critical to the future of our state. We continue to work to overcome the effects of strong economic headwinds, such as federal budget cuts, the national recession and slumping oil and gas revenue. In the face of these challenges, private-sector job growth is on the rise in our state and we're working to build a sturdier foundation that will make us stronger when the economic storms of the future come our way.    Read Full Article

June 28, 2017 | Albuquerque Business First, Ron Davis

Business First is looking for which Albuquerque company will claim the title of coolest office in the city this year.    Read Full Article

June 28, 2017 | Gulf News, Nicole Perlroth

There have been times over the past two months when Golan Ben-Oni has felt like a voice in the wilderness. On April 29, someone hit his employer, IDT Corp, with two cyberweapons that had been stolen from the National Security Agency. Ben-Oni, the global chief information officer at IDT, was able to fend them off, but the attack left him distraught.    Read Full Article

June 27, 2017 | IT World Canada, Howard Solomon

Canadian infosec pros have been crossing their fingers today that all their Windows systems are patched to block what is now appears to be a world-wide infestation of ransomware worm that exploits a Windows vulnerability that helped spread the WannaCry ransomware a month ago.    Read Full Article

June 27, 2017 | ThreatPost, Michael Mimoso

The attackers behind today's global ransomware outbreak are spreading the malware using a modified version of the leaked NSA EternalBlue exploit and two Windows utilities to move laterally on local networks, adding layers of complexity to this attack to where it could dwarf WannaCry in short order.    Read Full Article

June 26, 2017 | 451 Research, Dan Cummins and Sean Doherty

The company is helping to promote greater risk focus as a wise step for enterprise organizations trying to operationalize and coordinate across dozens of product capabilities and data sources.    Read Full Article

June 23, 2017 | ZDNet, Zack Whittaker

Microsoft claims "no known ransomware" runs on Windows 10 S, its newest, security-focused operating system. The software giant announced the version of Windows earlier this year as the flagship student-focused operating system to ship with its newest Surface Laptop. Microsoft touted the operating system as being less susceptible to ransomware because of its locked-down configuration -- to the point where you can't run any apps outside the protective walled garden of its app store. In order to get an app approved, it has to go through rigorous testing to ensure its integrity. That's one of several mitigations that helps to protect the operating system to known file-encrypting malware.    Read Full Article

June 22, 2017 | The New York Times, Nicole Perlroth

NEWARK - There have been times over the last two months when Golan Ben-Oni has felt like a voice in the wilderness. On April 29, someone hit his employer, IDT Corporation, with two cyberweapons that had been stolen from the National Security Agency. Mr. Ben-Oni, the global chief information officer at IDT, was able to fend them off, but the attack left him distraught.    Read Full Article

June 20, 2017 | Albuquerque Business First, May Ortega

If you were at our World's Fair-styled event at Civic Plaza on Tuesday evening, then the sights, smells and suprises of Albuquerque Business First's second Innovation New Mexico awards are likely fresh in your mind. In case you didn't make it - or are wondering who took home the "People's Choice Award" - we have everything you need to know.    Read Full Article

June 20, 2017 | ThreatPost, Michael Mimoso

The crusty SMBv1 file-sharing protocol, abused by a NSA exploit last month that spread WannaCry, will be removed from Windows 10 starting with the upcoming Redstone 3 update.    Read Full Article

June 19, 2017 | Homeland Security Today, Sean Dillon (Senior Security Analyst, RiskSense, Inc.)

On May 12, the WannaCry worm unleashed the fastest-spreading ransomware attack in computing history, encrypting files on millions of computers around the world in a matter of hours and demanding payment to unlock them. The scope of the outbreak revealed the vast inadequacies of corporate and government security practices for addressing security vulnerabilities.    Read Full Article

June 15, 2017 | IT World Canada, Howard Solomon

As infosec pros catch their breath recovering from the WannaCry ransomware attack that crippled some 300,000 Windows machines around the world last month, three myths this week were exploded.    Read Full Article

June 15, 2017 | Becker's Health IT & CIO Review, Laura Dyrda

Healthcare organizations across the globe are more susceptible than ever to hacks and data breaches, which can cost a hospital or health system millions to fix and damage their reputation. As a result, hospitals are investing more in cybersecurity and risk management services. Organizations face internal threats from email scams, cloud sharing and lost mobile devices, as well as external threats such as hackers. The global healthcare cybersecurity market is expected to reach $10.8 billion by 2020, according to a Grand View Research report. Here are more than 100 cybersecurity companies in the healthcare space, listed in alphabetical order.    Read Full Article

June 14, 2017 | DARK Reading, Kelly Sheridan

Microsoft extends its monthly security updates to respond to a rise in cyberattacks and fix serious flaws in Windows XP and Windows Server 2003.    Read Full Article

June 14, 2017 | ThreatPost, Michael Mimoso

The unusual decision Microsoft made to release patches on Tuesday for unsupported versions of Windows was prompted by three NSA exploits that remained unaddressed from April's ShadowBrokers leak.    Read Full Article

June 13, 2017 | ZDNet, Zack Whittaker

Microsoft has confirmed its latest round of security patches has fixed three remaining vulnerabilities built by the National Security Agency, which the company previously said it would not fix.    Read Full Article

June 12, 2017 | Windows Report, George Finley

The NSA's EternalBlue exploit was ported to devices running Windows 10 by white hats and because of this, every unpatched version of Windows back to XP can be affected, a terrifying development considering EternalBlue is one of the most powerful cyber attacks ever made public.    Read Full Article

June 12, 2017 | Redmond Magazine, Kurt Mackie

Microsoft has published details about how the Windows 10 "creators update" (version 1703, released in April) provides protection against ransomware, including last month's infamous "WannaCrypt" (or "WannaCry") ransomware outbreak.    Read Full Article

June 12, 2017 | Albuquerque Business First, May Ortega

Albuquerque Business First is celebrating the biggest innovators in New Mexico with our second annual Innovation New Mexico event, June 20 at Civic Plaza.    Read Full Article

June 12, 2017 | Albuquerque Business First, Christopher Ortiz

What better way to celebrate Albuquerque's Best Places to Work than with laser tag and bowling?    Read Full Article

June 8, 2017 | TechTarget - SearchSecurity, Michael Heller

The EternalBlue exploit behind the WannaCry ransomware attacks has been successfully ported to an older version of Windows 10, but newer versions of the OS are protected.    Read Full Article

June 8, 2017 | Tech 2

Over the course of previous few weeks, WannaCry has been making outstanding headlines within the safety world. Powered by NSA's EternalBlue and DoublePulsar exploit, WannaCry wrecked havoc on unpatched Home windows 7 and XP PCs. This exploit didn't have an effect on Home windows 10.    Read Full Article

June 8, 2017 | eTeknix, Ashley Allen

When the WannaCry ransomware hit last month, researchers claimed it could only infect systems running Windows 7 or earlier. Within days, it had infected Windows 8 and 8.1 machines, though Windows 10 remained unaffected. Security researcher, therefore, thought Microsoft's latest operating system was immune to the malware. This assumption, as it turns out, was false.    Read Full Article

June 8, 2017 | E Hacking News

The recent massive WannaCry cyber attack damaged most machines running Windows 7. While Windows XP was largely spared due to a bug in the ransomware code, Windows 10 had more advanced defences and could therefore not be infected.    Read Full Article

June 7, 2017 | BLEEPINGCOMPUTER, CATALIN CIMPANU

Experts at RiskSense have ported the leaked NSA exploit named ETERNALBLUE for the Windows 10 platform. This is the same exploit that was used by the WannaCry ransomware as part of its SMB self-spreading worm in the mid-May WannaCry outbreak that affected over millions of computers across the world.    Read Full Article

June 7, 2017 | SECURITYWEEK, TORSTEN GEORGE (RISKSENSE VP GLOBAL MARKETING AND PRODUCTS)

The healthcare industry has experienced an onslaught of cyber-attacks over the last year, primarily driven by the fact that patient records are highly prized assets among cyber criminals. Protected health information sells for 30 times more than financial information on the dark web, since it contains a full identity profile including social security numbers. Being in the cross hairs of motivated cyber gangs is forcing the healthcare industry to address some stiff cyber risk management challenges. Let's look at what steps the industry can take to reduce the likelihood of data breaches.    Read Full Article

June 7, 2017 | Network World, Ms. Smith

Researchers created a smaller version of EternalBlue which can be ported to unpatched versions of Windows 10 to deliver nasty payloads without needing the DoublePulsar backdoor.    Read Full Article

June 7, 2017 | SC Media, Rene Millman

Security researchers show how latest Microsoft operating system could have been infected by ransomware.    Read Full Article

June 7, 2017 | THREATPOST, MICHAEL MIMOSO

The emergency of a port of the EternalBlue exploit to Windows 10 signals that white-hat researchers have likely done what the NSA has already long accomplished. The leaked version of the powerful Windows SMB attack shared by the ShadowBrokers in April was built only to attack Windows XP and Windows 7 machines. The mysterious serial leakers of Equation Group offensive hacking tools may not have been able to get their hands on the intelligence agency's latest wares, but it likely exists.    Read Full Article

June 6, 2017 | DARK READING, KELLEY SHERIDAN

The EternalBlue remote kernel exploit used in WannaCry could be used to infect unpatched Windows 10 machines with malware, researchers find. A flaw in unpatched versions of Window 10 could leave machines vulnerable to EternalBlue, the remote kernel exploit behind the recent WannaCry ransomware attack.    Read Full Article

June 6, 2017 | THREATPOST, MICHAEL MIMOSO

The NSA's EternalBlue exploit has been ported to Windows 10 by white hats, meaning that every unpatched version of the Microsoft operating system back to Windows XP - and likely earlier - can be affected by one of the most powerful attacks ever made public.    Read Full Article

June 1, 2017 | Risk Management Magazine, TORSTEN GEORGE (RISKSENSE VP GLOBAL MARKETING AND PRODUCTS)

In February, at the World Economic Forum (WEF) in Davos, Switzerland, an expert working group issued the report Advancing Cyber Resilience: Principles and Tools for Boards. These principles and tools are designed to help strengthen an organization’s cyber practices by providing guidance for managing cyber risks much in the same way that organizations manage enterprise risk.    Read Full Article

June 1, 2017 | YoStartups

List of top 50 startups to watch out for in 2017.    Read Full Article

May 22, 2017 | TRUE VIRAL NEWS

The massive WannaCry ransomware attack has hit hundreds of thousands of computers from Taiwan to the United Kingdom. Despite the global nature of the attack, few networks and companies in the United States appear to have been hit.    Read Full Article

May 21, 2017 | NORMANGEE STAR, MADELINE PATRICK

The investigations into the attack were in the early stages, however, and attribution for cyber attacks is notoriously hard. However, the threat is far from over.    Read Full Article

May 20, 2017 | THEVILLAGESSUNTIMES, ELLIS NEAL

The group also mentions "The Equation Group", which is supposed to be a hacking group linked to the NSA. RiskSense has been tracking the Shadow Brokers since last August, when it released a zero-day exploit "Extra Bacon" for Cisco ASA firewalls that potentially allowed attackers to access internal networks.    Read Full Article

May 20, 2017 | NORMANGEE STAR, MADELINE PATRICK

Friday’s WannaCry Ransomware attack effectively acts as a lesson for governments and organizations worldwide to show how vulnerable they are to cybercrimes due to lack of care and responsibility in protecting their computer systems.    Read Full Article

May 18, 2017 | TRUE VIRAL NEWS

As many as 74 countries have been hit by a huge, fast-moving and global ransomware attack that locks computers and demands the digital equivalent of $300 per computer, Kaspersky Lab, a Russian-based cybersecurity company, said Friday.    Read Full Article

May 18, 2017 | COSUMNES CONNECTION, ZACHARY REYES

The mysterious Shadow Brokers group, which leaked the stolen hacking tool used in last week's global cyber attacks, is threatening to release more such tools next month.    Read Full Article

May 18, 2017 | NEW YORK SOUTH EAST POST

As if dealing with the continuing drama of the WannaCry global ransomware attack was not enough, the original group behind the leak of National Security Agency (NSA) hacking tools has announced it will release more vulnerabilities that could be exploited in the near future.    Read Full Article

May 17, 2017 | FYIBLOG.INFO

In a message on their website, the ‘Shadow Broker’ hacking gang revealed they would “dump” more programs and bugs they stole from the US National Security Agency (NSA), comparing it to a monthly “wine club”. While this particular hacking group are not thought to have been behind the crippling attack that started on Friday, it has been revealed they did release the tools that were used by the perpetrators online in April.    Read Full Article

May 17, 2017 | CBS NEWS, ALFRED NG

The WannaCry ransomware never could have escalated as far as it did without the Shadow Brokers. And the hacker group has just resurfaced. The malware has ensnared up to 300,000 computers in more than 150 countries, locking up devices in hospitals, schools and businesses unless they pay up. It's been able to spread quickly by sneaking through an infected computer's network, using an exploit in a standard sharing tool called Server Message Block found in outdated Windows computers.    Read Full Article

May 17, 2017 | SECURITYWEEK, TORSTEN GEORGE (RISKSENSE VP GLOBAL MARKETING AND PRODUCTS)

Over the past year, cyber risk management has gained a lot of attention in the media and among practitioners. Even though risk management has been proven to optimize business performance and lead to better investment decisions, many organizations have still not adopted this concept when it comes to their enterprise security model. Last week’s WannaCry ransomware attack is a stark reminder that a risk-based approach to security is long overdue. WannaCry is the last cyber-attack to expose the industry’s inability to find and fix threats that really matter. So what’s holding organizations back from implementing cyber risk management?    Read Full Article

May 16, 2017 | DARK Reading, JAI VIJAYAN

The ShadowBrokers, the hacking crew that has become almost a household name following the worldwide ransomware attacks of the past few days, has a new proposal for those interested in its wares. Starting June, the group claims it will offer a new subscription service that will give members access to a data dump of exploits and stolen data every month.    Read Full Article

May 16, 2017 | WIKIPEDIA, THE FREE ENCYCLOPEDIA

Sean Dillon is a senior analyst of security company RiskSense Inc. who dissected and inspected DoublePulsar. He said that it is "10 times worse" than the Heartbleed security bug and runs in kernel mode which grants hackers a high level of control over the computer system.    Read Full Article

May 16, 2017 | The Security Ledger, Paul

In-brief: We speak with Sean Dillon of the firm RiskSense, who helped reverse engineer DoublePulsar and EternalBlue, the Windows exploit tools used to help spread the WannaCry ransomware.    Read Full Article

May 16, 2017 | ALBUQUERQUE BUSINESS FIRST, MAY ORTEGA

Computers and information systems around the world have been hit by the so-called WannaCry ransomware attack — more than 213,000 detections in 112 countries as of late Monday afternoon, according to Avast. It was a close call for countless New Mexico companies, too.    Read Full Article

May 16, 2017 | CNET, ALFRED NG

The Shadow Brokers group unleashed an exploit that fueled a global ransomware attack. Now they say they've got more where that came from. The WannaCry ransomware never could have escalated as far as it did without the Shadow Brokers. And the hacker group has just resurfaced.    Read Full Article

May 16, 2017 | IT WORLD CANADA, BRIAN JACKSON

Shadow Brokers, the group that leaked the U.S. National Security Administration worm that weaponized the WannaCrypt / WannaCry malware for last weekend’s global attack, says it’s just getting started. In a convoluted post on Steemit.com and shared on the mysterious group’s Twitter account, Shadow Brokers says it has more exploits and attack tools in its possession. It wants to sell them, starting in June through “TheShadowBrokers Data Dump of the Month” service.    Read Full Article

May 15, 2017 | THREATPOST, MICHAEL MIMOSO

The inevitable wave of WannaCry ransomware variants began in earnest over the weekend after bit of sleuthing from a U.K. researcher slowed down the initial global outbreak.At least five new takes on the first attack, all still leveraging the NSA’s EternalBlue exploit and DoublePulsar rootkit, are spreading WannaCry. So far, the attackers aren’t exactly getting rich, collecting $54,894 as of this morning, despite as many as 200,000 infections in 150 countries, according to Europol’s estimates. But given the flexibility of the leaked NSA exploits, there’s nothing stopping criminals from spreading banking Trojans or other commodity malware in the same fashion, experts said.    Read Full Article

May 15, 2017 | USA TODAY, ELIZABETH WEISE AND MIKE SNIDER

The massive WannaCry ransomware attack has hit hundreds of thousands of computers from Taiwan to the United Kingdom. Despite the global nature of the attack, few networks and companies in the United States appear to have been hit. The reason, say cybersecurity analysts, is a combination of luck, geography, and adherence to software updates, though the United States is by no means invulnerable to such attacks.    Read Full Article

May 15, 2017 | LIFEHACKER, DELL CAMERON

Ransomware may be mostly thought of as a (sometimes costly) nuisance, but when it hinders the ability of doctors and nurses to help people with an emergency medical problems, that qualifies as armed robbery. On Friday, a quickly spreading, nasty piece of malware crossed mountains and oceans to infect more than 70,000 machines around the world in its first few hours. Among those infected were more than a dozen hospitals in England, a telecom in Spain, FedEx's offices in the United Kingdom, and apparently, the Russian Interior Ministry. Within half a day, there were instances detected on six continents.    Read Full Article

May 15, 2017 | IT WORLD CANADA, HOWARD SOLOMON

While infosec pros in Canada this morning are scanning their systems to ensure Windows and anti-malware systems are fully patched to deal with the WannaCry ransomware that quickly spread around the world over the weekend, there are worries a new release of alleged CIA-created vulnerabilities from WikiLeaks will shortly lead to more attacks. So far there are few public reports of IT systems in this country being victimized by WannaCry, which uses techniques of a worm to spread to computers in 150 countries. Researchers estimate some 200,000 systems were hit.    Read Full Article

May 15, 2017 | The Security Ledger, Paul

A fatal flaw in its design slowed the spread of WannaCry, a virulent ransomware program that has infected more than 100,000 organizations and individuals globally. But security experts warn that the threat of future intrusions remain for organizations infected with the malicious software.    Read Full Article

May 15, 2017 | Politico, Eric Geller

This week's worldwide cybersecurity crisis is just the latest black eye for the National Security Agency and its practice of stockpiling secret means of snooping into computer systems. That’s because whoever launched the global series of ransomware assaults is using a flaw in Microsoft Windows that the U.S. spy agency had apparently exploited for years — until someone leaked the NSA’s hacking tools online and allowed cyber criminals to copy them.    Read Full Article

May 14, 2017 | NORMANGEE STAR

Tom Robinson, co-founder of Elliptic, a company that identifies illicit activity involving bitcoin and provides services to most major law enforcement agencies in the USA and the United Kingdom, said that at least three bitcoin addresses have been identified as being associated with the malware used in Friday’s worldwide attack, reports the Guardian. The National Center for the Protection of Critical Infrastructure says Friday it was communicating with more than 100 providers of energy, transportation, telecommunications and financial services about the attack.    Read Full Article

May 14, 2017 | PPP FOCUS, PAUL SMEDLEY

Cybersecurity firm Avast said it had identified more than 75,000 ransomware attacks in 99 countries, making it one of the broadest and most damaging cyberattacks in history. Affected by the onslaught were computer networks at hospitals in Britain, Russia’s interior ministry, the Spanish telecom giant Telefonica and the U.S. delivery firm FedEx and many other organisations.    Read Full Article

May 13, 2017 | THREATPOST, MICHAEL MIMOSO

Microsoft has taken the extraordinary step of providing an emergency update for unsupported Windows XP and Windows 8 machines in the wake of Friday’s WannaCry ransomware outbreak. Unknown attackers were using the EternalBlue exploit leaked by the ShadowBrokers in April to spread WannaCry, a variant of the WCry malware, which surfaced in February. EternalBlue, an offensive hacking tool allegedly developed by the NSA, exploits a Windows SMBv1 vulnerability that was patched by Microsoft in March in security bulletin MS17-010.    Read Full Article

May 13, 2017 | THE MONITOR, PARESH DAVE

Cybersecurity researchers said a malicious program that disabled computers at Britain's National Health Service, Russia's Interior Ministry and companies and homes across dozens of countries Friday originated with the National Security Agency. Earlier this year, a hacking group calling itself Shadow Brokers published online what it described as stolen NSA documents. They were filled with information that hacking experts said could be used to secretly take over and pluck data from laptops, smartphones and even smart TVs.    Read Full Article

May 13, 2017 | DEMOCRAT & CHRONICLE, DOUG STANGLIN AND ELIZABETH WEISE

Britain's National Cyber Centre says it is "working round the clock" to counter a fast-moving, global ransomware attack that crippled the National Health Service and hit as many as 74 countries.The cyberattack, which apparently exploited a flaw exposed in documents leaked from the U.S. National Security Agency, also struck systems — from transport facilities to universities — in Ukraine, Spain, Italy and India. Even Russia's interior ministry said it was hit.    Read Full Article

May 13, 2017 | THE REGISTER, IAIN THOMSON

Special report The WannaCrypt ransomware worm, aka WanaCrypt or Wcry, today exploded across 74 countries, infecting hospitals, businesses including Fedex, rail stations, universities, at least one national telco, and more organizations. In response, Microsoft has released emergency security patches to defend against the malware for unsupported versions of Windows, such as XP and Server 2003, as well as modern builds.    Read Full Article

May 12, 2017 | MCAFEE SECURING TOMORROW. TODAY BLOG, RAJ SAMANI, CHRISTIAAN BEEK, AND CHARLES MCFARLAND

Over the course of Friday the 12th of May we received multiple reports of organizations across multiple verticals being victim to a ransomware attack. Once infected, the encrypted files contain the file extension “.WNCRYT”. Victim computers then proceed to display the below message with a demand for $300 to decrypt the files.    Read Full Article

May 12, 2017 | GIZMODO, DELL CAMERON

Ransomware may be mostly thought of as a (sometimes costly) nuisance, but when it hinders the ability of doctors and nurses to provide aid to those in need of emergency medical care, then it qualifies as armed robbery.On Friday, a quickly spreading, nasty piece of malware crossed mountains and oceans to infect more than 70,000 machines around the world in a matter of hours. Among those infected were more than a dozen hospitals in England, a telecom in Spain, FedEx’s offices in the United Kingdom, and apparently, the Russian Interior Ministry. Within half a day, there were instances detected on six continents.    Read Full Article

May 12, 2017 | LOS ANGELES TIMES, PARESH DAVE

Cybersecurity researchers said a malicious program that disabled computers at Britain's National Health Service, Russia's Interior Ministry and companies and homes across dozens of countries Friday originated with the National Security Agency.    Read Full Article

May 12, 2017 | USA TODAY, ELIZABETH WEISE AND JANE ONYANGA-OMARA

As many as 74 countries have been hit by a huge, fast-moving and global ransomware attack that locks computers and demands the digital equivalent of $300 per computer.    Read Full Article

May 12, 2017 | NASDAQ

The hacker group known as Shadow Brokers publicly released a set of tools on the social network platform Medium in April. Called EternalBlue and EternalRomance, the tools allow hackers backdoor access for remote control of infected computers. While the market hasn't reacted to the news of the release, Sean Dillon of cybersecurity firm RiskSense Inc. told Bloomberg that these tools are "10-times worse" than recent viruses like the Heartbleed bug that infected computers at Yahoo and Amazon.    Read Full Article

May 12, 2017 | STREETAUTHORITY, JOSEPH HOGUE

The hacker group known as Shadow Brokers publicly released a set of tools on the social network platform Medium in April. Called EternalBlue and EternalRomance, the tools allow hackers backdoor access for remote control of infected computers. While the market hasn't reacted to the news of the release, Sean Dillon of cybersecurity firm RiskSense Inc. told Bloomberg that these tools are "10-times worse" than recent viruses like the Heartbleed bug that infected computers at Yahoo and Amazon.    Read Full Article

May 12, 2017 | THREATPOST, MICHAEL MIMOSO

A ransomware attack running rampant through Europe today is spreading via an exploit leaked in the most recent ShadowBrokers dump.    Read Full Article

May 9, 2017 | NETWORK WORLD, OLIVER ROCHFORD

Risk scores seem all the rage right now. Executives want to know what their risk is. The constant stream over the past few years of high profile breaches and the resulting class action lawsuits, negative PR, loss in share price, cybersecurity insurance pay-out refusals, and even termination of liable executives has made this an urgent priority. The problem is we haven’t really developed a good way to measure risk.    Read Full Article

May 8, 2017 | GOVERNMENT TECHNLOGY MAGAZINE, EYRAGON EIDAM

As protecting government networks and IT assets becomes more and more important, officials in the public sector are increasingly looking to new tools to help them better identify the risks. This was the theme of a May 8 webinar hosted by Arizona Chief Information Security Officer (CISO) Mike Lettman and cybersecurity vendor RiskSense. During the roughly hour-long session, Lettman illustrated the importance of better mapping the threat environment and the state’s efforts to move more tactically when it comes to meeting those threats.    Read Full Article

May 4, 2017 | BLOOMBERGBUSINESSWEEK, DUNE LAWRENCE

It’s not every day a trove of National Security Agency-quality hacking tools gets dumped on the open market, free for the taking, but that’s what happened in April. Security researchers say there’s evidence hackers have already used the tools to infect hundreds of thousands of computers around the world, installing a so-called backdoor that opens up the machines to an almost unlimited level of remote control.    Read Full Article

April 26, 2017 | SECURITYWEEK, TORSTEN GEORGE (RISKSENSE VP GLOBAL MARKETING AND PRODUCTS)

There’s no doubt, we’re living in a data and intelligence-driven world when it comes to enterprise security. The volume, velocity, and complexity of information security data that must be processed to detect advanced attacks and, at the same time, support new business initiatives has been growing exponentially. However, data in its raw form is still only a means to an end. This begs the question: How can modern enterprise security programs be adapted to gain actionable insight from all the data they collect?    Read Full Article

April 25, 2017 | Virus Guides, Simona Atanasova

If you are a member of a read team or you have received a pen-rest report from such, then it is highly possible that you are familiar with the reports of Windows servers that are vulnerable to the Conficker worm (MS08-067). Conficker has been around for almost 10 years since the problem was addressed and the flaw was patched.    Read Full Article

April 24, 2017 | THREATPOST, MICHAEL MIMOSO

If you’re on a red team or have been on the receiving end of a pen-test report from one, then you’ve almost certainly encountered reports of Windows servers vulnerable to Conficker (MS08-067), which has been in the wild now for nearly 10 years since the bug was patched. A little more than two weeks after the latest ShadowBrokers leak of NSA hacking tools, experts are certain that the DoublePulsar post-exploitation Windows kernel attack will have similar staying power, and that pen-testers will be finding servers exposed to the flaws patched in MS17-010 for much longer than Conficker.    Read Full Article

April 21, 2017 | @ZEROSUM0X0

One week ago today, the Shadow Brokers (an unknown hacking entity) leaked the Equation Group's (NSA) FuzzBunch software, an exploitation framework similar to Metasploit. In the framework were several unauthenticated, remote exploits for Windows (such as the exploits codenamed EternalBlue, EternalRomance, and EternalSynergy). Many of the vulnerabilities that are exploited were fixed in MS17-010, perhaps the most critical Windows patch in almost a decade.    Read Full Article

April 18, 2017 | CABLELABS BLOG, MICHAEL GLENN (CABLELAB VICE PRESIDENT OF CYBERSECURITY)

On April 12, CableLabs hosted an Inform[ED] conference in NYC focused on the emerging IoT security landscape. This open event brought together business leaders, key technologists, and security experts from multiple industry sectors, academia, and government. They shared in-depth views of IoT's evolution and the increasing security, privacy and policy challenges arising from the ongoing and rapidly accelerating deployment of connected device    Read Full Article

April 18, 2017 | @ZEROSUM0X0

There is an active pull request at Metasploit master which adds DoublePulsar infection detection to this module. During the first Shadow Brokers leak, my colleagues at RiskSense and I reverse engineered and improved the EXTRABACON exploit, which I wrote a feature about for PenTest Magazine. Last Friday, Shadow Brokers leaked FuzzBunch, a Metasploit-like attack framework that hosts a number of Windows exploits not previously seen. Microsoft's official response says these exploits were fixed up in MS17-010, released in mid-March. Yet again I find myself tangled up in the latest Shadow Brokers leak. I actually wrote a scanner to detect MS17-010 about 2-3 weeks prior to the leak, judging by the date on my initial pull request to Metasploit master. William Vu, of Rapid7 (and whom coincidentally I met in person the day of the leak), added some improvements as well. It was pulled into the master branch on the day of the leak. This module can be used to scan a network range (RHOSTS) and detect if the patch is missing or not.    Read Full Article

April 7, 2017 | SecurityWeek, Torsten George (RiskSense VP Global Marketing and Products)

The use of microservices and containers like Docker have led to a revolution in DevOps. Providing the agility that business have long awaited, these new technologies also introduce inherent security implications that cannot be ignored at a time when the enterprise attack surface continues to grow wider. Let’s consider these risks and how organizations can minimize their exposure to them.    Read Full Article

April 5, 2017 | Metropolitan Corporate Counsel, Matt Coatney

The legal services industry is hurtling headlong into a revolution in the way that we carry out virtually every aspect of our jobs. The introduction of artificial intelligence (AI) – intelligence exhibited by machines that are trained to learn and solve problems – is not just an extension of prior technologies. AI holds the potential to dramatically change the field in a variety of ways, from reducing bias in investigations to challenging what evidence is considered admissible.    Read Full Article

March 24, 2017 | IT Daily Advisor

Phishing e-mails are getting more sophisticated, and with so many potential enemies out there, it may be easier to know your coworkers in order to head off attacks. Something as simple as an uncharacteristic turn of phrase or tone can clue people into an e-mail’s illegitimacy.    Read Full Article

March 17, 2017 | Albuquerque Business First, Juliana Vadnais

It’s not a secret that New Mexico has struggled to recover from the recession. Jobs across the state and in Albuquerque have fluctuated over the years with big layoffs as well as big hiring announcements. The trend is down, with the state losing 2,000 jobs from June 2015 to June 2016, according to the Bureau of Labor Statistics.    Read Full Article

March 16, 2017 | SecurityWeek, Torsten George (RiskSense VP Global Marketing and Products)

Cyber security and cyber threats are most often confused with cyber risk, and often used interchangeably, but they are worlds apart. What is the difference between these concepts and what really defines an organization’s cyber risk posture, internal security posture, and the exploitability of threats in the context of organizational risk?    Read Full Article

March 15, 2017 | Albuquerque Journal

RiskSense Inc. has moved its Silicon Valley office to a larger space to accommodate the Albuquerque company’s rapid growth. The new office space is nearly three times larger than RiskSense’s previous space in Sunnyvale, according to a news release from the cybersecurity firm.    Read Full Article

March 13, 2017 | Inside Security Newsletter

RiskSense, the developer of a cyber risk management platform with offices in Sunnyvale and New Mexico, closed a $14M series A round led by Paladin Capital Group.    Read Full Article

March 13, 2017 | Albuquerque Business First, May Ortega

RiskSense recently doubled its Series A funding to a total of $14 million, which Mukkamala said would be used to expand sales, speed up product development and — one of the company's long-time goals — enter the cyber security insurance realm.    Read Full Article

March 13, 2017 | AXIOS

RiskSense, an Albuquerque, N.M.-based provider of cyber risk management solutions, has raised $7 million in new Series A funding (bringing the round total to $14m). Jump Capital came in as a new investor on the round, which previously was led by Paladin Capital Group. The company also secured a debt facility from Silicon Valley Bank.    Read Full Article

March 11, 2017 | Fortune

RiskSense, an Albuquerque cybersecurity company, has increased its Series A round to $14 million. The company’s investors included Jump Capital, Paladin Capital Group, Sun Mountain Capital, EPIC Ventures, and CenturyLink.    Read Full Article

March 10, 2017 | ReadITQuik, Pratibha Nanduri

Cyber risk management company RiskSense has announced that it has received an additional infusion of Series A funds raising the total capital to $14 million. Jump Capital has made the new contribution. The earlier funding was received from Paladin Capital Group, EPIC Ventures, Sun Mountain Capital, and CenturyLink. The funds raised will be used to expand the existing sales and marketing efforts, accelerate and increase the scope of product development and enter new product markets like cybersecurity insurance.    Read Full Article

March 10, 2017 | Albuquerque Business First, Rachel Sams

Before August, RiskSense had never done a round of outside investment. Seven months later, it boasts one of the largest investment rounds by a New Mexico company in recent memory.    Read Full Article

March 10, 2017 | eSecurity Planet, Pedro Hernandez

The company's machine-learning technology helps enterprises focus their security efforts on high-priority threats. Add one more to the growing tally of security funding deals in early 2017. RiskSense, an Albuquerque, NM cyber-risk management company, announced this week that it had raised $14 million in a Series A round of financing.    Read Full Article

March 9, 2017 | Albuquerque Business First, May Ortega

RiskSense announced Thursday that it has doubled its funding round, raising a total of $14 million. Jump Capital joins four firms investing in the company's Series A round of financing.    Read Full Article

March 9, 2017 | FINSMES

RiskSense, Inc., an Albuquerque, NM-based developer of pro-active cyber risk management solutions, raised an additional Series A funding. As part of this extension, which brought total funding in the round to $14M, Jump Capital joined existing investors Paladin Capital Group, Sun Mountain Capital, EPIC Ventures, and CenturyLink. In addition, Silicon Valley Bank provided a debt facility.    Read Full Article

March 9, 2017 | BayArea TechWire

RiskSense, the developer of a cyber risk management platform with offices in Sunnyvale and New Mexico, said on Thursday it has landed an additional $7 million in its first round of funding, raising the total of the round to $14 million.    Read Full Article

March 8, 2017 | 4-traders

RiskSense, Inc., a US-based provider of cyber risk management solutions, has secured an additional Series A round of funding from Jump Capital, Paladin Capital Group, Sun Mountain Capital, EPIC Ventures, and CenturyLink, Inc.    Read Full Article

March 6, 2017 | CIR

Product and features: Your guide to risk software products along with a comprehensive table of features.    Read Full Article

March 2, 2017 | SecurityAsia, Evan Schuman

Cyberthieves today know that it’s better to be sneaky and crafty than forceful. To be even more blunt, they know that it’s better to trick you into doing their work than to break in and do it themselves.    Read Full Article

March 1, 2017 | Cybersecurity Ventures

Cybersecurity Ventures announced the Q1 2017 edition of the Cybersecurity 500, a global compilation of leading companies who provide cybersecurity solutions and services. RiskSense made an upward move to No. 118, which is a jump of almost 200 spots.    Read Full Article

March 1, 2017 | Momentum Partners

Momentum Partners, advisors and dealmakers in cybersecurity, has announced the final 10 companies added to the firm’s annual Watch List. Each quarter 10 companies are selected after carefully weighing feedback from the field and considering a variety of growth and innovation factors.    Read Full Article

February 28, 2017 | CSO Online, Evan Schuman

Cyberthieves today know that it’s better to be sneaky and crafty than forceful. To be even more blunt, they know that it’s better to trick you into doing their work than to break in and do it themselves.    Read Full Article

February 28, 2017 | Computerworld, Evan Schuman

Cyberthieves today know that it’s better to be sneaky and crafty than forceful. To be even more blunt, they know that it’s better to trick you into doing their work than to break in and do it themselves.    Read Full Article

February 23, 2017 | Cyber Defense Magazine, Torsten George (RiskSense VP Global Marketing and Products)

While malware attacks and data breaches at companies such as Oracle, SWIFT, Cisco, and Yahoo! continue to make headlines almost daily, many organizations still practice a traditional approach to enterprise security, which is mainly end point-focused, labor-driven, and vulnerability oriented. Meanwhile, cyber adversaries have advanced their attack methodologies and long moved on to target new areas of the attack surface, including but not limited to applications, cloud, and Internet of Things (IoT). In 2017, information security professionals should consider a new approach that assesses the growing attack surface in its entirety and prioritizes remediation based on threat susceptibility and business impact, rather than solely on internal security findings.    Read Full Article

February 22, 2017 | SecurityWeek, Torsten George (RiskSense VP Global Marketing and Products)

A few weeks ago, the World Economic Forum (WEF) met in Davos, Switzerland where an expert working group issued a report “Advancing Cyber Resilience: Principles and Tools for Boards.” It is touted as a first-of-its-kind resource to support board of directors and CEOs on cyber security and cyber resilience strategy. The WEF’s principles and tools are designed to help corporate boards and senior management strengthen their organizations’ cyber hygiene and posture. The principles are a response to the increasing threat cyber risks pose to the world economy. Their aim is to provide guidance for managing cyber risks much in the same way that organizations manage enterprise risk. Let’s consider whether the proposed principles and tools can improve cyber resilience, and which types of enterprises can benefit most from implementing them.    Read Full Article

February 17, 2017 | ChannelInsider, Gina Roos

The latest platform release from RiskSense delivers security as a service that aligns a customer's vulnerability management priorities with the biggest threats.    Read Full Article

February 15, 2017 | Xconomy, Bernadette Tansey

A cybersecurity executive I talked to recently raised a scenario like this: You and your cousin swap opinions about a standout basketball player one night. The next day you get an email from your cousin’s friend. He says your cousin told him you’d like this new article about your favorite point guard, and he attaches the link. Later you find out your working laptop’s been hacked, and some of your employer’s confidential data has been stolen.    Read Full Article

February 13, 2017 | Cyber Defense Magazine

Line up of all 2017 CDM InfoSec Award winners that were announced on the first day of RSA Conference 2017.    Read Full Article

February 13, 2017 | DATAVERSITY, Angela Guess

According to a recent press release, “RiskSense Inc., the pioneer and market leader in pro-active cyber risk management, today announced it will unveil at the upcoming RSA Conference 2017 in San Francisco the first integrated platform that allows governments and enterprises to identify cyber risk exposure across their network, endpoint, application, and database layers. In addition to continuously assessing, scoring, and prioritizing cyber risks, RiskSense assists in quickly orchestrating remediation and validating the results.”    Read Full Article

February 10, 2017 | Blue Hill Research, Dr. Alea Fairchild

RSA 2017 starts Monday February 13th at the Moscone Center in San Francisco and promises to be a jam-packed conference full to bursting with expo participants. This year’s conference will focus on the advances and pitfalls of innovation within the industry, the importance of intelligence sharing and continued rise of threats related to IoT and ransomware. The role of information security and innovation in the enterprise is key to this year’s conference, with Symantec doing their presentation on innovation and the future of cyber security. Going to RSAC this year? Here are several booths to put on your ‘route map’ for your visit...    Read Full Article

February 9, 2017 | Global Association of Risk Professionals, Ted Knutson and Jeffrey Kutler

Cybersecurity is not an either-or, black-and-white, “safe or out” proposition. How can a risk professional or chief information security officer deliver simple but revealing threat and preparedness data to senior executives and directors?    Read Full Article

February 6, 2017 | Albuquerque Business First, Shelby Perea

Bill Bradley, senior vice president for cyber engineering and technology services of CenturyLink is joining the board of directors of Albuquerque-headquartered RiskSense Inc.    Read Full Article

February 6, 2017 | ChannelVision Magazine, Tara Seals

RiskSense has updated its cyber-risk management platform, available via channel partners. The latest release of the software-as-a-service platform, RiskSense 7.0, integrates the TIBCO Jaspersoft Business Intelligence Engine, providing enhanced flexibility in the design and customization of self-service reports, clear and concise visualizations, and quick analysis and report generation. These advanced security analytics capabilities enable automated coordination among business stakeholders, provide real-time visibility into an organization’s cyber-risk exposure, and enable security program benchmarking over time.    Read Full Article

February 1, 2017 | SecurityWeek, Torsten George (RiskSense VP Global Marketing and Products)

October 2016 marked the one-year anniversary of the implementation of the Payment Card Industry (PCI) “EMV” mandate. However, a steady stream of data breaches impacting millions of shoppers and their credit card information including last year’s hack of Oracle’s MICROS Point-of-Sale Division, begs the question: “Is EMV really helping to reduce credit card fraud and minimize the risk of data exfiltration?”    Read Full Article

January 31, 2017 | Albuquerque Business First, Rachel Sapin

Gary Tonjes, president of Albuquerque Economic Development, was named one of the top 50 economic developers in the United States, Canada, and Mexico for 2017. That's according to an annual list from Michigan-based Consultant Connect, a company that describes itself as one that bridges "the gap between economic developers and site consultants."    Read Full Article

January 30, 2017 | Momentum Partners

Momentum's January Cybersecurity Snapshot, showcasing the latest flurry of strategic activity in the cybersecurity space, in terms of both M&A and financings, including two $1B+ deals.    Read Full Article

January 28, 2017 | Security Weekly

RiskSense, the pioneer and market leader in pro-active cyber risk management, announced RiskSense Platform 7.0. The new release includes a Multi-Client Dashboard that enables Managed Security Service Providers (MSSP) to deliver risk management offerings that align a client's vulnerability management priorities to focus on the most serious threats posed to their business operations.    Read Full Article

January 27, 2017 | Help Net Security, Mirko Zorz

RiskSense Platform 7.0 includes a Multi-Client Dashboard that enables Managed Security Service Providers (MSSP) to deliver risk management offerings that align a client’s vulnerability management priorities to focus on the most serious threats posed to their business operations.    Read Full Article

January 26, 2017 | Security Guy Radio

Chuck Harold from Security Guy Radio discusses cyber security, risk management, and the growing attack surface with RiskSense VP Global Marketing and Products Torsten George.    Read Full Article

January 23, 2017 | IT World Canada, Howard Solomon

A board should take ultimate responsibility for oversight of their organization's cyber risk and resilience, says a new security toolkit for directors from the World Economic Forum. Issued last week at the annual conference of business and political leaders in Davos, Switzerland, it gives boards another tool to help guide them in stiffening their organization's cyber security.    Read Full Article

January 19, 2017 | CB Insights

Modeling cybersecurity risks is difficult for insurance companies. A growing cyber threat landscape and rising incidence of costly attacks makes it increasingly difficult to offer the right cyber insurance packages at the right premiums. Mark Clancy of The Depository Trust & Clearing Corp. has said that the current state of cyber-risk modeling is like “trying to use the count of arrests for a crime to figure out the dollar losses from theft.” Difficulty modeling risk from cyber threats in the commercial insurance business has created opportunities for a growing number of startups to offer security benchmarking — the industry’s term for comparing the relative security of companies’ networks and systems. Insurance companies can then use these security benchmarking tools to make smarter underwriting decisions around cyber liability. Some startups also provide FICO-like scores around company risk profiles.    Read Full Article

January 18, 2017 | Crain's Silicon Valley, Jonathan Cassell

In this ongoing series, we ask executives, entrepreneurs and business leaders about mistakes that have shaped their business philosophy. In this issue, Crain's Silicon Valley interviews Dr. Srinivas Mukkamala, co-founder and CEO at RiskSense, Inc.    Read Full Article

January 11, 2017 | SecurityWeek, Torsten George (RiskSense VP Global Marketing and Products)

Cyber-attackers are leveraging automation technology to launch strikes, while many organizations are still using manual efforts to aggregate internal security findings and contextualizing them with external threat information. Using these traditional methods, it can take weeks or months to detect intrusions, during which time attackers can exploit vulnerabilities to compromise systems and extract data. To address these challenges, progressive organizations are exploring the use of artificial intelligence (AI) in their day-to-day cyber risk management operations.    Read Full Article

December 28, 2016 | IT World Canada, Howard Solomon

As cyber security pros look to 2017 there’s no shortage – as in previous years – of predictions that we’re going to see more of the same: More spear phishing attacks, more DDoS attacks, more ransomware, more suspected state-sponsored intrusions…    Read Full Article

December 21, 2016 | SecurityWeek, Torsten George (RiskSense VP Global Marketing and Products)

For decades, organizations have focused their security efforts on network perimeter defense and how to secure servers, computers, and network equipment. However, in an interconnected world, a “hardware-defined” approach has lost its relevance. As organizations transition to software-defined networks, they need to look beyond the network layer to protect their expanding attack surface and consider: How is the perimeter-less attack surface rendering today’s enterprise security model ineffective? What steps can organizations take to keep up with evolving threats?    Read Full Article

December 20, 2016 | Anti-Corruption Digest

There are many different companies in the security analytics space, each attempting to sift through data in an attempt to help detect potential threats. One such vendor is RiskSense, which is a spin-off from the New Mexico Institute of Mining and Technology and has technology that is already in use by the U.S Department of Defense.    Read Full Article

December 19, 2016 | eWeek, Sean Michael Kerner

Video: Srinivas Mukkamala, CEO and Co-Founder of RiskSense explains his company's technology and approach to looking beyond just threat detection, to help improve security.    Read Full Article

November 30, 2016 | SecurityWeek, Torsten George (RiskSense VP Global Marketing and Products)

Faced with hundreds, thousands, and even hundreds of thousands of vulnerabilities across their IT infrastructures leaves security practitioners at a virtually insurmountable disadvantage. The result is often lengthy dwell times and asynchronous iterations that limit the effectiveness of cyber security programs. This begs the question what is holding us back from prevailing against cyber-attacks. And more importantly, what are emerging approaches that allow organizations to transition from a traditional domain expert model to an interactive, iterative, and collaborative model.    Read Full Article

November 30, 2016 | Albuquerque Journal, Kevin Robinson-Avila

The New Mexico Institute of Mining and Technology’s new president, Stephen Wells, hopes to build a “spirit of entrepreneurship” throughout the college campus in Socorro.    Read Full Article

November 21, 2016 | Albuquerque Business First, Christopher Ortiz

The state's largest college has kicked off an IT apprenticeship program. On Friday, several Albuquerque companies visited Central New Mexico Community College to sign an agreement to participate in the newly established New Mexico Information Technology Apprenticeship Program. CNM was one of 46 organizations nationwide to receive a grant from the Department of Labor’s $175 million American Apprenticeship Grants Initiative. CNM received a nearly $3 million Department of Labor grant.    Read Full Article

November 17, 2016 | Albuquerque Business First, Christopher Ortiz

From grilling burgers for employees to bringing table tennis and yoga Tuesdays to the office, this year's Best Places to Work finalists understand that a happy employee is a productive employee. The winners were announced at a sold-out red carpet event Thursday at Century Theater Downtown. View the category winners and see how all our finalists ranked in the accompanying slideshow.    Read Full Article

October 27, 2016 | CNET, Laura Hautala

How did hackers find all the net-connected gadgets they used to attack Dyn and knock out your favorite sites? It's as easy as typing in some search terms.    Read Full Article

October 12, 2016 | eSecurity Planet, Phil Britt

Point-of-sale (POS) systems seem to be a growing target for hackers. In early August, security expert Brian Krebs reported on his Krebs on Security site that Oracle's MICROS POS division had suffered a breach in its customer support portal for companies using its point-of-sale card payment systems. Attacks like this and a recent data breach involving Eddie Bauer Stores in the U.S. and Canada are just a few examples of hackers targeting POS systems.    Read Full Article

October 5, 2016 | SecurityWeek, Torsten George (RiskSense VP Global Marketing and Products)

The use of a Zero Trust model to minimize cyber risk exposure has returned to the spotlight after a report by the U.S. House of Representatives’ Committee on Oversight and Government Reform detailed the events leading up to the sweeping hack of the U.S. Office of Personnel Management (OPM). One of the report’s recommendations was for Federal information security efforts to move toward a Zero Trust model, in which users inside a network are treated as no more trustworthy than users outside a network. However, is this alternative approach really an effective measure to minimize cyber risk or does it just create new challenges?    Read Full Article

October 5, 2016 | Albuquerque Business First, Christopher Ortiz

Movies like "Office Space" and television shows like "The Office" often depict a workplace that might win an award for "worst places to work." But Business First's Best Places to Work finalists are flipping the script on the workplace. We're happy to say that this year's 33 Best Places to Work finalists are nothing like Initech or Dunder Mifflin. Our survey partner, Quantum Workplace, administered anonymous workplace satisfaction surveys of employees at companies that were nominated by the public. The companies that received the highest scores are our Best Places finalists. This year our finalists are divided into four categories: small businesses (10-24 employees), medium businesses (25-49 employees), large businesses (50-249 employees) and extra-large businesses (250-99,999 employees). View the accompanying slideshow to see this year's finalists, listed alphabetically by category. We asked them to send us photos of their team celebrating the news that they are a Best Places to Work finalist, and to be creative.    Read Full Article

October 3, 2016 | Albuquerque Business First, Marissa Higdon

Recruiters from RiskSense, an Albuquerque-based cyber risk management company, and Rural Sourcing Inc., an Atlanta-based IT outsourcing company which recently opened an office in Albuquerque, had a message for participants at the experienceIT New Mexico conference on Sept. 30.    Read Full Article

October 3, 2016 | DARK Reading, Kelley Sheridan

The Security Innovation Network (SINET) has shared the results of its annual SINET 16 competition created to discover the most innovative cybersecurity companies.    Read Full Article

September 29, 2016 | SC Magazine, Jeremy Seth Davis

The Internet Systems Consortium (ISC) released an update Tuesday for a high-severity security flaw that would allow the Berkeley Internet Name Domain (BIND) software, the open source software component that implements Domain Name System (DNS) protocols, to be exploited by remote attackers to launch denial-of-service (DoS) attacks.    Read Full Article

September 29, 2016 | TechTarget - SearchFinancialApplications, Alan R. Earls

The HR department is home to a plethora of employees' sensitive personally identifiable information. Here's how to make sure that valuable information stays safe.    Read Full Article

September 28, 2016 | USA Today, Elizabeth Weise

Both U.S. presidential candidates have vowed to take on the world when it comes to cyber warfare. But full-scale cyber retaliation might be hard to spot and even harder to count as a win.    Read Full Article

September 27, 2016 | Albuquerque Business First

The state of New Mexico provides a number of economic incentives for qualifying New Mexico-based businesses. The incentives are designed with a number of goals in mind, with one theme in common: Expanding the economy in New Mexico and, therefore, providing jobs and opportunities for New Mexicans.    Read Full Article

September 26, 2016 | Albuquerque Journal, Kevin Robinson-Avila

Downtown Albuquerque is ground zero this week for anyone involved in, aspiring to join, or simply curious about New Mexico’s burgeoning technology industry. ExperienceIT, organized by the New Mexico Technology Council, will offer a series of technology-related events and social gatherings starting Tuesday and culminating Friday in an all-day conference and evening walking tour of Downtown technology businesses.    Read Full Article

September 23, 2016 | Academic Spotlight, San Jose State University

More than 30 San Jose State University students, faculty and staff members will share the ways they are using technology to enhance teaching and learning at the Innovation and Collaboration Expo on Oct. 5 and 6, from 9 a.m. to 4 p.m., in the Student Union Ballroom. In its third year, the event is open to students, staff and faculty at SJSU. The public and members of other California State University campuses are also invited to attend. The majority of speakers and panelists will be faculty and staff who will share examples of how they have incorporated technology into their teaching to support student success.    Read Full Article

September 23, 2016 | Momentum Partners

Momentum's updated CYBERscape - the most comprehensive mapping of the global Cybersecurity landscape. While Momentum maintains a proprietary database of 1,700+ Cybersecurity companies, the CYBERscape market map includes 474 companies categorized across 22 subsectors.    Read Full Article

September 19, 2016 | Cantech Letter, Nick Waddell

SINET, an organization focused on advancing Cybersecurity innovation through global public-private collaboration, announced today the winners of its annual SINET 16 competition. The companies, which were selected from a pool of 82 applicants and nine different countries, including Australia, Canada, Israel, Japan, Norway, Singapore, Sweden and the United Kingdom, represent a range of solution providers who are identifying cutting-edge technologies to address Cybersecurity threats and vulnerabilities.    Read Full Article

September 19, 2016 | Albuquerque Business First, Marissa Higdon

Artificial intelligence has exciting applications for almost all businesses, especially for startups, says William Yeoh, an assistant professor at New Mexico State University who studies the technology.    Read Full Article

September 15, 2016 | SINET

SINET, an organization focused on advancing Cybersecurity innovation through public-private collaboration, announced today the winners of its annual SINET 16 competition. The companies, which were selected from a pool of 82 applicants from nine different countries, including Australia, Canada, Israel, Japan, Norway, Singapore, Sweden and the United Kingdom, represent a range of Cybersecurity solution providers who are identifying cutting-edge technologies to address Cybersecurity threats and vulnerabilities. The selected companies will share their work with buyers, builders, investors and researchers during the SINET Showcase on Nov. 2 – 3, 2016 at the National Press Club in Washington, DC.    Read Full Article

September 15, 2016 | Albuquerque Business First, Marissa Higdon

A lot of familiar faces will be featured at the New Mexico Technology Council's experienceIT New Mexico Conference on Sept. 27-30. Leaders from large local technology companies are scheduled to give talks and participate in roundtable and networking events. Lavu's newly appointed President, Ohad Jehassi, will speak, and so will RiskSense's Mark Fidel, Boomtime's Bill Bice and R. Terry Dunlay, leader of recently acquired IntelliCyt. And that list isn't even close to exhaustive.    Read Full Article

September 13, 2016 | SecurityWeek, Torsten George (RiskSense VP Global Marketing and Products)

Breaking down silos created by individual security products and streamlining collaboration between security and IT operations remains the biggest cyber risk management challenge facing organizations. This finding is based on feedback from leading security executives during a recent multi-city tour organized by the CISO Executive Network. The biggest concerns for security practitioners in defending against cyber-attacks are centered in three core areas: Identification, Prioritization, and Orchestration of Remediation. Their ultimate stated objective is to operationalize cyber risk management and implement a pro-active, rather than reactive, approach to cyber risk detection, prevention, and response.    Read Full Article

September 12, 2016 | Golden Bridge Awards

See the pictures from the 8th Annual 2016 Annual Bridge Awards gala dinner.    Read Full Article

August 30, 2016 | SecurityWeek, Kevin Townsend

The European Union Agency for Network and Information Security (ENISA) published The cost of incidents affecting CIIs – a review ‘of studies concerning the economic impact of cyber-security incidents on critical information infrastructures’. Published this month, it is an analysis of ‘cost of breach’ reports; and it draws some worrying conclusions.    Read Full Article

August 29, 2016 | Albuquerque Journal, Kevin Robinson-Avila

In today’s interconnected cyberworld, effective cybersecurity depends on humans and artificial machine intelligence working together to protect businesses, institutions and communities. That’s the basic premise on which Albuquerque-based cybersecurity firm RiskSense has carved out a rapidly growing niche in the exploding cybersecurity market.    Read Full Article

August 29, 2016 | InformationWeek, Lisa Morgan

IoT devices are entering the workplace in all shapes and sizes, from workers wearing smartwatches to industrial sensors such as soil monitors. The data pouring in may be so overwhelming it's unclear what should be done with it, why, and what the risks might be. Here are a few ways to navigate the maze.    Read Full Article

August 29, 2016 | Albuquerque Journal, Kevin Robinson-Avila

With cyber crime growing exponentially, cybersecurity products and services are emerging as a premier 21st-century industry. As of 2014, a joint report by Intel Security and the Center for Strategic and International Studies in Washington, D.C., estimated that cyber attacks were costing businesses worldwide about $445 billion per year and possibly up to $575 billion. U.S. firms alone were losing $100 billion annually, leading to the loss of about 200,000 jobs a year, according to the report.    Read Full Article

August 26, 2016 | ALBUQUERQUE BUSINESS FIRST, CHRISTOPHER ORTIZ

Over the summer more than a dozen New Mexico companies received $2.2 million to create more than 313 jobs, according to a press release. The New Mexico Economic Development Department says the Job Training Incentive Program reported that 16 companies received funding in June and July.    Read Full Article

August 26, 2016 | CIO, MARIA KOROLOV

In the wake of continued security problems, NASA's CIO is sending a no-confidence signal to Hewlett Packard Enterprise, which received a $2.5 billion contract in 2011 to address problems with the agency's outdated and insecure information technology infrastructure.    Read Full Article

August 26, 2016 | IT WORLD, MARIA KOROLOV

In the wake of continued security problems, NASA's CIO is sending a no-confidence signal to Hewlett Packard Enterprise, which received a $2.5 billion contract in 2011 to address problems with the agency's outdated and insecure information technology infrastructure.    Read Full Article

August 26, 2016 | LE MONDE INFORMATIQUE, MARIA KOROLOV

Renee Wynn, DSI de l'agence spatiale américaine, a refusé de signer le contrat « d'autorité pour opérer » à Hewlett Packard Enterprise. Le manque de capacité du fournisseur à assurer une protection suffisante des infrastructures informatiques de la Nasa a pesé lourd dans cette décision pour laquelle HPE a 6 mois afin de corriger le tir.    Read Full Article

August 26, 2016 | CSO, MARIA KOROLOV

In the wake of continued security problems, NASA's CIO is sending a no-confidence signal to Hewlett Packard Enterprise, which received a $2.5 billion contract in 2011 to address problems with the agency's outdated and insecure information technology infrastructure.    Read Full Article

August 26, 2016 | Techbeacon, John P. Mello, Jr.

While the IPO market for information security companies has been fallow in recent months, startups continue to attract cash. Sure, there's plenty of hype—there always is—but there are some interesting ideas out there, too, ideas that can help slow the daily tattoo of bad news about data breaches and ransomware jackpots for hackers. Here is a baker's dozen of cybersecurity startups worth paying attention to by following them on Twitter.    Read Full Article

August 25, 2016 | Global University Venturing, Thierry Heles

The spinout of New Mexico Institute of Mining and Technology has raised its first funding round led by Paladin Capital Group.    Read Full Article

August 23, 2016 | Security Today

The Security Products New Product of the Year Award is now in its eighth successful year. The award program honors the outstanding product development achievements of security equipment manufacturers whose products are considered particularly noteworthy in their ability to improve security.    Read Full Article

August 22, 2016 | SecurityWeek, Torsten George (RiskSense VP Global Marketing and Products)

Today, even mid-sized organizations are dealing with thousands of vulnerabilities across their growing attack surface. Therefore, relying solely on existing intelligence provided by vulnerability scanners should only be a first step in a cyber risk management process. Without determining the risk associated with vulnerabilities, organizations often misalign remediation efforts and resources. This approach not only wastes time and money, it also extends the window of opportunity for hackers to exploit critical vulnerabilities. This begs the question: what steps are required to focus remediation efforts on the threats that represent the biggest risks to an organization?    Read Full Article

August 18, 2016 | Security Guy Radio

Watch the video from Security Guy Radio that was taken during Black Hat USA 2016 in Las Vegas, in which Vice President of Global Marketing and Product Torsten George talks about how RiskSense helps organizations to reveal their cyber risk exposure, quickly orchestrate remediation, and monitor the results.    Read Full Article

August 16, 2016 | Network World, Tim Greene

RiskSense, software-as-a-service that evaluates the security of corporate networks and generates a risk score, has been self-financed since its launch last year, but now has harnessed venture funding to help boost its R&D and hire marketing and sales staff.    Read Full Article

August 16, 2016 | CIO, Time Greene

RiskSense, software-as-a-service that evaluates the security of corporate networks and generates a risk score, has been self-financed since its launch last year, but now has harnessed venture funding to help boost its R&D and hire marketing and sales staff.    Read Full Article

August 11, 2016 | Albuquerque Business First, Marissa Higdon

Before they were a part of one of New Mexico’s fastest growing companies, the founders of RiskSense taught cybersecurity at the New Mexico Institute of Mining and Technology. Torsten George, vice president of global marketing and products for the company, says the RiskSense began in 2006, as Computational Analysis and Network Enterprise Solutions (CAaNES.) Based on research conducted at New Mexico Tech, CAaNES provided consulting services to groups looking to improve their cybersecurity.    Read Full Article

August 3, 2016 | FINSMES

RiskSense, Inc., an Albuquerque, NM-based pro-active cyber risk management platform, is closing a $7M funding. The round was led by Paladin Capital Group, with participation from Sun Mountain Capital, Epic Ventures, as well as other strategic and private investors. In conjunction with the funding, Paladin Capital Group principal Mourad Yesayan will join RiskSense’s board of directors.    Read Full Article

August 3, 2016 | Tech Rockies

Albuquerque-based RiskSense, which develops cyber risk management software, announced this morning that it has raised $7M in a funding round    Read Full Article

August 3, 2016 | Albuquerque Journal

The Albuquerque-based cybersecurity firm RiskSense closed on a $7 million investment this week from local and out-of-state venture firms to help grow its markets and expand its products.    Read Full Article

August 3, 2016 | Albuquerque Business First, Marissa Higdon

RiskSense, a cybersecurity company founded as a tech transfer from New Mexico Institute of Mining and Technology, has received $7 million in investment funding, a large sum for the company's first round of outside investment.    Read Full Article

August 3, 2016 | PE Hub Network, Iris Dorbian

RiskSense, a provider of cyber risk management solutions, has raised $7 million in funding. Paladin Capital Group led the round with participation from other investors that included Sun Mountain Capital and EPIC Ventures. In conjunction with the funding, Mourad Yesayan, a principal at Paladin Capital, has been added to RiskSense’s board of directors.    Read Full Article

July 26, 2016 | Albuquerque Business First, Marissa Higdon

RiskSense, one of Albuquerque Business First's fastest-growing companies, works with a lot of industries through its risk management platform, a software that identifies and helps remedy cybersecurity gaps. Eight industries are especially regular users of cybersecurity technology, says Torsten George, vice president of global marketing and products for the company.    Read Full Article

July 15, 2016 | CSO, Kacy Zurkus

When first entering into any field, most of us have our eye on the prize. I wanted to be a talk show host, so I started out as a communications major. I interned at a local news station, and when I saw myself on camera, I immediately determined that I would never again be on screen.    Read Full Article

July 13, 2016 | Intel Security

Intel Security today announced the expansion of its extensive partner ecosystem through the Intel Security Innovation Alliance, welcoming 24 new partners and broadening its portfolio of tightly integrated security solutions. The Intel Security Innovation Alliance leads the way with its innovative open architecture, and more than 150 partners around the world, across 12 global markets.    Read Full Article

July 13, 2016 | CRN UK, Tom Wright

Security vendor adds 24 new vendors to its security alliance, a move it says recognizes that it can't do it all alone    Read Full Article

July 13, 2016 | IT World Canada, Howard Solomon

Infosec pros often find vulnerabilities during a penetration test, but that isn’t a vulnerability assessment. The two shouldn’t be confused, says Torsten George, vice president of marketing and product management at cyber risk management software vendor RiskSense.    Read Full Article

July 13, 2016 | SecurityWeek, Torsten George (RiskSense VP Global Marketing and Products)

Vulnerability assessments are often confused with penetration tests. In fact, the two terms are often used interchangeably, but they are worlds apart. To strengthen an organization’s cyber risk posture, it is essential to not only test for vulnerabilities, but also assess whether vulnerabilities are actually exploitable and what risks they represent. To increase an organization’s resilience against cyber-attacks, it is essential to understand the inter-relationships between vulnerability assessment, penetration test, and a cyber risk analysis.    Read Full Article

July 7, 2016 | Albuquerque Business First, Juliana Vadnais

New Mexico has still not quite made it out of a recession but we're seeing some bright spots. Since 2013, when Business First revived the Fastest Growing Companies Awards — first called Fast Trackers in the 2000s — the growth and number of honorees has steadily improved. We definitely see this as a good sign. Today, we're revealing our 29 Fastest Growing Companies honorees for 2016. See them all in the accompanying slideshow, listed alphabetically.    Read Full Article

June 23, 2016 | SecurityInfoWatch, Torsten George (RiskSense VP Global Marketing and Products)

While politicians and security experts are constantly warning about the risk of cyber-attacks, they rarely, if ever, mention the risks associated with the Internet of Things (IoT). This is especially relevant for medical devices, which are part of the IoT ecosystem and have become a lucrative target for hackers.    Read Full Article

June 22, 2016 | Albuquerque Business First, Marissa Higdon

RiskSense Inc., an Albuquerque-based cyber risk management company, released a new risk management platform Tuesday. Torsten George, vice president of global marketing and products for the company, says this is just the beginning of a new push for RiskSense.    Read Full Article

June 22, 2016 | SecurityWeek, Torsten George (RiskSense VP Global Marketing and Products)

Hackers are constantly looking for vulnerabilities they can exploit to gain access to corporate networks, industrial control systems, financial data, and more. One of the best kept secrets in the hacker’s toolkit has become Google Dorking. It can be used to identify vulnerable systems and trace them to a specific place on the Internet. This begs the questions: how does Google Dorking work, what risks are associated with it, and how can organizations minimize their exposure.    Read Full Article

June 9, 2016 | DARK Reading, Dr. Srinivas Mukkamala (RiskSense CEO and Co-Founder)

Google Dorking sounds harmless, but it can take your company down. Here's what you need to know to avoid being hacked. Virtually everyone uses Google or other search engines, but what most people don't know is that these search engines can perform advanced queries that are exploited to carry out successful cyberattacks.    Read Full Article

June 1, 2016 | CSO, Kacy Zurkus

There are moments when I am engrossed in an interview that feel very much like Groundhog Day for me. Regardless of the person with whom I am speaking with in the cyber security industry, what I hear is very much the same. Threat intelligence overload, visibility, automation, machine learning, jobs gap. Inevitably, the question that guides the work of most security practitioners is how do we solve these problem?    Read Full Article

June 1, 2016 | SecurityWeek, Torsten George (RiskSense VP Global Marketing and Products)

To respond to mounting cyber-attacks, advanced persistent threats, and insider leaks, enterprises and government entities need reliable, real time visibility into their IT security posture. Unfortunately, it can take weeks or months to detect intrusions using traditional methods, during which time attackers can exploit vulnerabilities to compromise systems and extract data. To address these challenges, organizations are exploring the use of a military concept called the OODA (Observe, Orient, Decide, Act) Loop in their day-to-day cyber risk management operations.    Read Full Article

May 26, 2016 | Albuquerque Business First, Rachel Sams

Many businesspeople cut corners on this because they're pressed for time, but making time for it could actually improve your productivity. And your mood. Read on for that and five more things to know for Thursday.    Read Full Article

May 26, 2016 | Morning Brew

Watch the video...    Read Full Article

May 26, 2016 | Albuquerque Business First

Albuquerque Business First held its first-ever Innovation New Mexico Awards. The most accurate description would probably be World’s Fair meets grown-up science fair. Each of our honorees was on hand, displaying their innovative products, processes and services. 30 companies were named Innovation New Mexico honorees.    Read Full Article

May 25, 2016 | Albuquerque Business First, Candace Beeke

On this, the last day of school for Albuquerque Public Schools students, it seems only fitting to dedicate my column to education and our pursuit of bettering it in New Mexico.    Read Full Article

May 11, 2016 | SecurityWeek, Torsten George (RiskSense VP Global Marketing and Products)

Ransomware is dominating the headlines so far in 2016, having moved from targeting individuals to holding corporate data hostage and extorting payments to decrypt the files. Holding someone or something for ransom is a simple yet effective strategy that has been used by criminals for thousands of years. Today, cyber criminals are applying these ancient techniques to modern technologies. So what do enterprises need to know about ransomware attacks and what can they do to minimize the risk of being victimized?    Read Full Article

April 22, 2016 | Albuquerque Journal

RiskSense, Inc., of Albuquerque has been named a finalist in two categories of the 2016 Cybersecurity Excellence Awards for its innovation and leadership in information security, the company said. RiskSense and the RiskSense Platform were shortlisted in the Most Innovative Cybersecurity Company and Best Vulnerability Management product categories by a panel of security experts as well as a popular vote by the information security community.    Read Full Article

April 13, 2016 | SecurityWeek, Torsten George (RiskSense VP Global Marketing and Products)

More and more board of directors are mandating that their organizations transition to a pro-active cyber risk management approach that aligns with the company’s business objectives. Why are boards getting nowadays involved in cyber risk management? Traditionally, cyber security has been considered the exclusive domain of...    Read Full Article

April 11, 2016 | Silicon Valley Business Journal

Sheldon Feinland joins RiskSense from Systech Int'l., where he grew revenue more than 300% over a two-year period. At Damballa, he grew revenues by 100% year-over-year; and helped Guidance Software achieve a successful IPO. Feinland is an expert in compliance, security, risk, BI and analytics.    Read Full Article

April 11, 2016 | SILICON VALLEY BUSINESS JOURNAL

Brett Newsome brings 20+ years of financial and operational expertise to RiskSense. Previously, he was CFO for Infrastructure-as-Service providers, Joyent and GoGrid. As VP Finance for UltraDNS, he led the company to successful acquisition by Neustar (NYSE: NSR). Earlier he was with KPMG & Citi.    Read Full Article

April 11, 2016 | SILICON VALLEY BUSINESS JOURNAL

Dr. Torsten George has more than 20 years of global and domestic information security experience. He is a frequent speaker and contributor to media outlets on cyber security and risk management topics including data breaches, incident response best practices, and cyber security strategies.    Read Full Article

April 1, 2016 | Amazines

The event caught the eye of a number of local politicians, who gathered to shake hands at the official unveiling. "I've been to lots of ribbon-cuttings," county executive Rob Astorino was quoted as saying. "This is my first sluice gate." According to an indictment handed down late last week by the U.S. Department of Justice, Hamid Firoozi, a well-known hacker based in Iran, gained access several times in 2013 to the dam's control systems. Had the sluice been fully operational and connected to those systems, Firoozi could have created serious damage.    Read Full Article

March 31, 2016 | MSN, Laura Hautala

A few search terms can lead to an exposed Internet connection. That's apparently how an Iranian hacker accessed a dam in New York state. "Google dorking." It sounds goofy, but it could be just the ticket for a hacker looking to stir mayhem. The search technique is one of several methods that bad guys can use to find vulnerable computer systems and trace them to a specific place on the Internet. All they have to do is type in the right search terms, and they're well on their way.    Read Full Article

March 30, 2016 | CNET, Laura Hautala

"Google dorking." It sounds goofy, but it could be just the ticket for a hacker looking to stir mayhem. The search technique is one of several methods that bad guys can use to find vulnerable computer systems and trace them to a specific place on the Internet. All they have to do is type in the right search terms, and they're well on their way.    Read Full Article

March 25, 2016 | Albuquerque Journal

The New Mexico Economic Development Department’s Job Training Incentive Program board approved more than $900,000 in training funds for nine companies in March. The funds are tied to the creation of 47 jobs, according to a news release from the state.    Read Full Article

March 23, 2016 | Finyear

RiskSense Inc. announced Brett Newsome joins as chief financial officer. Previously, Brett served as chief financial officer for Infrastructure-as-Service providers, Joyent and GoGrid. Newsome also served as vice president of finance for UltraDNS. He also held leadership roles with KPMG and Citi.    Read Full Article

March 22, 2016 | Albuquerque Journal, Ellen Marks

About 70 percent of the state’s spending on economic development goes to large rather than small businesses, even though less than half of those employed in New Mexico work at large companies, according to a report released this month.    Read Full Article

March 16, 2016 | SecurityWeek, Torsten George (RiskSense VP Global Marketing and Products)

Many organizations take a manual approach to vulnerability management. Instead of relying on automated systems, IT practitioners test and validate new patches prior to deploying them in production environments. However, in today’s dynamic threat landscape there are thousands, if not hundreds of thousands, of vulnerabilities discovered in typical organizations.    Read Full Article

March 10, 2016 | DARK Reading

Industry luminary brings deep industry expertise to cyber risk management innovator    Read Full Article

March 9, 2016 | Cyber Defense Magazine, Torsten George (RiskSense VP Global Marketing and Products)

In light of last year’s massive data breaches at the United States Office of Personnel Management, Anthem, BlueCross BlueShield, and Army National Guard, the need to protect networks is more urgent than ever. While companies spend huge sums of money every year to maintain a security perimeter designed to fend off cyber and insider threats, daily reports of new data breaches are raising doubts about the effectiveness of these investments.    Read Full Article

March 9, 2016 | Private Company Director

RiskSense, Inc., the pioneer and market leader in pro-active cyber risk management solutions, announced the appointment of John N. Stewart, as an independent director of the company, effective immediately, according to a Business Wire press release.    Read Full Article

March 8, 2016 | MediaPost, Amy Corr

RiskSense hired Brett Newsome as chief financial officer, Sheldon Feinland as vice president of global sales and Torsten George as vice president of global marketing and products.    Read Full Article

March 4, 2016 | Manufacturing Mirror

RiskSense Inc. has just opened a new office in tech hub Sunnyvale, California ' which will support the engineering team that will continue to operate out of its worldwide headquarters in Albuquerque.    Read Full Article

March 1, 2016 | CSO, Maria Korolov

The U.S. Senate recently proposed a cybersecurity disclosure bill that would require public companies to describe what cybersecurity expertise their boards have, or, if they don't have any, what steps the companies are taking to get some expertise onto their boards.    Read Full Article

March 1, 2016 | CIO

that would require public companies to describe what cybersecurity expertise their boards have, or, if they don't have any, what steps the companies are taking to get some expertise onto their boards.    Read Full Article

February 29, 2016 | Silicon 66 Blog, Robert Ingram

RiskSense co-founder Mark Fidel recently made the case for Albuquerque as a future tech hub and, specifically, as a center for cybersecurity. Citing the New Mexico Institute of Mining and Technology and the resources that new entrepreneurs have access to from the state, Fidel said “I think [Albuquerque] has a very strong future for becoming a hub for tech.”    Read Full Article

February 29, 2016 | Cyber Defense Magazine

The winners are...    Read Full Article

February 29, 2016 | Cyber Defense Magazine, Torsten George (RiskSense VP Global Marketing and Products)

In light of last year’s massive data breaches at the United States Office of Personnel Management, Anthem, BlueCross BlueShield, and Army National Guard, the need to protect networks is more urgent than ever. While companies spend huge sums of money every year to maintain a security perimeter designed to fend off cyber and insider threats, daily reports of new data breaches are raising doubts about the effectiveness of these investments.    Read Full Article

February 25, 2016 | Albuquerque Business First, Black Driver

Albuquerque cybersecurity company RiskSense Inc. made news this week, announcing an expansion to tech hub Sunnyvale, California. The firm is also hiring three new executives to its management team — all developments that support the emerging idea that Albuquerque could become a cybersecurity hub. Mark Fidel, RiskSense’s co-founder and recently titled head of corporate development, certainly thinks so.    Read Full Article

February 24, 2016 | Albuquerque Business First, Black Driver

As Apple dukes it out with the FBI over cybersecurity issues, one local leader in the industry is expanding — all the way to Silicon Valley. RiskSense Inc. has just opened a new office in tech hub Sunnyvale, California, where the Albuquerque company’s satellite team of marketing, product management and financial staff will focus on corporate marketing, market and consumer research, product positioning and remote product development — all in conjunction with the engineering team that will continue to operate out of its worldwide headquarters in Albuquerque.    Read Full Article

February 24, 2016 | Silicon Valley Business Journal, Black Driver

As Apple dukes it out with the FBI over cybersecurity issues, one local leader in the industry is expanding — all the way to Silicon Valley. RiskSense Inc. has just opened a new office in tech hub Sunnyvale where the Albuquerque company’s satellite team of marketing, product management and financial staff will focus on corporate marketing, market and consumer research, product positioning and remote product development — all in conjunction with the engineering team that will continue to operate out of its worldwide headquarters in Albuquerque.    Read Full Article

February 24, 2016 | SecurityWeek, Torsten George (RiskSense VP Global Marketing and Products)

Metrics are tied to the performance of information security professionals - vulnerability close rates, timelines, and criticality ratings. However, when used properly, security metrics can provide so much more. Enabling organizations to take a pro-active rather than tactical, reactive security posture. Many security operations teams are still grappling with how they can leverage security metrics to implement a predictive approach to security to minimize the risk of cyber-attacks and insider threats.    Read Full Article

February 22, 2016 | Albuquerque Business First, Black Driver

The Albuquerque City Council approved a number of economic measures en masse during last week’s meeting. One of the measures was a three-year, $300,000 contract to expand Albuquerque Economic Development’s "Existing Business Development" program, which assists local companies with expansion efforts.    Read Full Article

February 22, 2016 | Tech Rockies

Albuquerque, New Mexico-based RiskSense, a provider of cyber risk management software-as-a-service, said today that it has named three executives.    Read Full Article

February 22, 2016 | Tom's Guide, Sue Marquette Poremba

Smart devices you use every day, such as Internet-connected televisions, cars, refrigerators, thermostats and bathroom scales, could increase your risk of becoming a victim of cybercrime. Sounds scary, but it's not surprising to many information-security experts.    Read Full Article

February 11, 2016 | CRN Australia, Brendon Foye

Details on each company and their innovations can be found on Cybersecurity Venture's website.    Read Full Article

February 11, 2016 | CyberSecurity Excellence Awards

RiskSense company profile...    Read Full Article

February 3, 2016 | SecurityWeek, Torsten George (RiskSense VP Global Marketing and Products)

Threat intelligence has received a lot of attention from the industry, ranging from vendors expanding their product portfolios and venture capitalists funding new start-ups to end user organizations looking for insights into advanced cyber-attacks that aren’t available from traditional perimeter defense tools. However, threat intelligence in and of itself is just another data source that adds to the complexity and velocity of having to analyze data in a manual fashion.    Read Full Article

January 29, 2016 | Albuquerque Business First, Rachel Sams

It's not because of the Super Bowl (although there's that, too.) It's not even because they'll still be talking about our amazing Book of Lists party last night (although they will.). Read on for the productivity killer and five more things you need to know today.    Read Full Article

January 28, 2016 | TechNewWorld, John P. Mello Jr.

The U.S. Food and Drug Administration last week took a step toward addressing the threat the Internet of Things poses to patients and their data by releasing some proposed guidelines for managing cybersecurity in medical devices.    Read Full Article

January 21, 2016 | Las Cruces Bulletin

The following is the prepared text of the State of the State Address delivered by Governor Susana Martinez from the chamber of the New Mexico House of Representatives on January 19, 2016:    Read Full Article

January 19, 2016 | KOAT Channel 7

Lieutenant Governor; Senate President Pro Tempore; Mr. Speaker; Democrat and Republican leaders; esteemed members of the New Mexico Legislature; Congresswoman Michelle Lujan-Grisham; Congressman Steve Pearce; honorable members of the judiciary; former New Mexico governors; tribal governors; Archbishop John Wester; distinguished guests; the State’s first gentleman, my husband, Chuck Franco; the State’s first newlyweds – Carlo and Tara; my sister, Lettie; and, my fellow New Mexicans.    Read Full Article

January 15, 2016 | Albuquerque Business First, Black Driver

There’s been a hefty amount of talk about failure in the entrepreneurial community lately. A good portion of it came out at “Fail Night,” the inaugural event in a new monthly speaker series called “ABQ Entrepreneurial Happy Hour,” where prominent business leaders got on stage at Tractor Brewing’s Wells Park location to talk about failure.    Read Full Article

January 11, 2016 | Albuquerque Business First, Stephanie Guzman

It was a busy year for Ray Smith. As Albuquerque Economic Development’s chairman of the board and being president of Klinger Constructors LLC, Smith was wrapped up in several projects in 2015. AED brought in a number of new businesses to the metro area, including Rural Sourcing, Alorica, Flagship Foods and National American University, among others.    Read Full Article

January 8, 2016 | Albuquerque Journal, Kevin Robinson-Avila

A few brave entrepreneurs shared some of their business failures Thursday night with more than 100 people at Tractor Brewery Downtown.    Read Full Article

January 4, 2016 | Albuquerque Business First, Black Driver

Organizers want to help entrepreneurs learn from other successful people’s mistakes, so they’re launching their very first ABQ Entrepreneurial Happy Hour speaker series with “Fail Night.” Four presenters will share a story about an endeavor — from whole companies to a business strategy ­— they’ve failed at, as well as the lessons they learned from it.    Read Full Article

January 3, 2016 | SecurityWeek, Torsten George (RiskSense VP Global Marketing and Products)

Threat intelligence has received a lot of attention from the industry, ranging from vendors expanding their product portfolios and venture capitalists funding new start-ups to end user organizations looking for insights into advanced cyber-attacks that aren’t available from traditional perimeter defense tools. However, threat intelligence in and of itself is just another data source that adds to the complexity and velocity of having to analyze data in a manual fashion.    Read Full Article