UpGuard Blog

How to Build a Sustainable Digital Business in the Cloud

Technology and Information

How much digital technology is required for your business to operate? Unless this document has traveled back in time, the chances are quite a lot. Now consider how much digital technology your vendors require to operate. The scope of technology grows quickly when you consider how vast the interconnected ecosystem of digital business really is. But digital business isn’t just about technology; it’s about information. For many companies, the information they handle is just as critical as the systems that process it, if not more so.

Filed under: cloud, cyber risk, digital resilience, misconfiguration, cyber resilience

Re-Energize Existing Software Through Integration

In 2015, organizations spent over $75 billion on cybersecurity. That’s a lot of money. But 2015 also saw a rise in successful cyber attacks, costing companies hundreds of billions of dollars in damages, loss and other related expenditures. Did all of the security software and hardware purchased with that $75B fail to do its job? Today's landscape requires more than just a collection of isolated products handling specific tasks—it needs an integrated ecosystem dedicated to overall resilience.

Filed under: security, cyber risk, digital resilience, Integrations, trust

What is Digital Resilience?

The 10-second version is this: Digital resilience is a fundamental change in understanding and accepting the true relationship between technology and risk. IT risk (or cyber risk, if you prefer) is actually business risk, and always has been.

Filed under: digital resilience

Cybersecurity Incidents Cost Companies Hundreds of Billions in 2015

According to the recently released 2016 Data Breach Investigations Report (DBIR) digest, produced annually by Verizon to help educate the industry, companies spent hundreds of billions of dollars last year as a result of cybersecurity incidents.

Filed under: CSTAR, insurance, cyber risk, digital resilience

Remediating The glibc DNS Bug Or: How To Survive An Inherently Flawed Digital Landscape

A buffer overflow, the writing of more data into a block of memory than was allocated for it, has been one of the more commonly exploited security vulnerabilities in recent years. Last week Google and Red Hat security researchers discovered a particularly distressing buffer overflow vulnerability in one of the key underpinnings of the internet: the glibc DNS bug. And while the glibc team has provided a fix for most Linux distros, it's questionable whether the flaw can be eradicated any time soon, especially given the ubiquity of Linux systems and the GNU Project's implementation of the C standard library.

Filed under: digital resilience

Casino Data Breaches And Doubling Down On Digital Resilience

In what is being described as a landmark case, Nevada-based casino operator Affinity Gaming is suing cybersecurity firm Trustwave for inadequately investigating and containing a 2014 data breach. The lawsuit not only marks the first time a security firm has been sued over post-breach remediation efforts—it also highlights the complexities around managing cyber risk for high-risk organizations in today's threat landscape.

Filed under: cyber security, cyber risk, data breaches, digital resilience

Bringing Digital Resilience Back to the Digital Economy: ScriptRock Becomes UpGuard

As the saying goes, there are two certainties in life: death and taxes. As we all look ahead to 2016, it’s clear that a third certainty has entered the mix: breaches.

Filed under: cyber security, upguard, cyber risk, digital resilience

Will Software-Defined Security Usher In A New Era Of Digital Resilience?

By now, you've probably heard of software-defined networking (SDN): the emerging IT paradigm that abstracts networking hardware into programmable components for unprecedented data center agility and flexibility. In the same vein, parallel infosec developments currently underway are transforming rigid and complex physical security architectures into highly adaptable, easily managed, and ubiquitous mechanisms for IT security. This is software-defined security (SDSec)—a new model of infosec that just might save us from digital armageddon.

Filed under: digital resilience