Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk //

Compliance

6/16/2014
12:00 AM
Dark Reading
Dark Reading
Flash Poll
50%
50%

Risk Management Report Card



Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
6/27/2014 | 7:59:01 AM
Failing Grades for CEOs on risk management
Wow! Nearly two out of five CEOs are getting failing grades from security teams in our flash poll asking you to assesing your chief exes on their their commitment to risk management & improving the company cyber security profile. Take the poll and tell us your reasons in the comments. 
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
6/20/2014 | 4:30:39 PM
Honor roll for CEOs?
Half of the respondents to our flash poll are giving their CEOs good marks for their commitment to cybersecurity -- a B or better. What grade would you give to your chief exec on a risk management report card? Take our poll and tell us why in the comments.  
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-11559
PUBLISHED: 2019-09-17
A reflected Cross-site scripting (XSS) vulnerability in HRworks V 1.16.1 allows remote attackers to inject arbitrary web script or HTML via the URL parameter to the Login component.
CVE-2019-15729
PUBLISHED: 2019-09-17
An issue was discovered in GitLab Community and Enterprise Edition 8.18 through 12.2.1. An internal endpoint unintentionally disclosed information about the last pipeline that ran for a merge request.
CVE-2016-10983
PUBLISHED: 2019-09-17
The ghost plugin before 0.5.6 for WordPress has no access control for wp-admin/tools.php?ghostexport=true downloads of exported data.
CVE-2016-10984
PUBLISHED: 2019-09-17
The echosign plugin before 1.2 for WordPress has XSS via the inc.php page parameter.
CVE-2016-10985
PUBLISHED: 2019-09-17
The echosign plugin before 1.2 for WordPress has XSS via the templates/add_templates.php id parameter.