Centraleyes Resource Center
- Yair Solow Featured on Bugy's Founder Interviews
- Centraleyes Chosen as Global Top 5 Startups of the Year - Interview
- Centraleyes on Cyber Ghost: Interview with Yair Solow
- Spotlight Q&A with Centraleyes at Safety Detectives
- Centraleyes Expands Automated Risk Register To Cover All Enterprise Risk
- New Centraleyes 4th Generation Release Officially Goes Live
- Yair Solow Featured on VPN Mentor
- Yair Solow on CNN
- CyGov Signs a Strategic Agreement with R3 (Spanish)
- Centraleyes Welcomes Co-Founder of Optiv, Dan Burns, to Its Board of Directors
- Centraleyes Continues to Expand Its Global Network of Strategic Partners with UK-based ITC Secure
- Centraleyes Introduces First Automated Risk Register
- Yair Solow Featured on Website Planet
- Trevor Failor named head of sales at CyGov
- CyGov is rebranding its platform as Centraleyes
- Cybersecurity Company Cygov Partners With Risk Management Company Foresight
- CyGov agrees strategic partnership with top 200 MSSP Cybriant
- Cyber Resilience Resource for Businesses Re-Deploying Remotely
- The Four New Pillars of Corporate Protection Yair Solow on InfoSecurity Magazine
- CyGov selected by SixThirty as Top Cyber Security Startup
- Europe's Top Cyber Security Startups
- CyGov Interviewed by MediaSet
- Eli Ben Meir's article in Security Intelligence
- Yair Solow on i24 News
- CyGov Selected by WorldBank
- Eli Ben Meir OpEd in the Houston Chronicle
- Yair Solow and Eli Ben Meir Present at the SparkLabs Demoday 8
- Enhance Your Cyber Maturity With ITSM Integration and Automated Remediation
- Ensure Your Ongoing Compliance With Automatic Framework Reassessment Tasks
- Stay in the Know With a Full Activity Log of Your Assessment Collection
- Add a New Entity to Perform Your Assessment in 10 Seconds
- Quantify Financial Risk With Centraleyes Platform Primary Loss Calculator
- Cover Your Entire Environment With Centraleyes's Risk Application Assessments
- Communicate Cyber Risk With Your Executives in an Intuitive, Beautifully Visualized Board Reporting
- Stay on Top of Your Vendors' Cyber History With In-Depth External Scans
- Automate the Creation and Maintenance of a Risk Register, Saving Hours on Manual Work
- Add a New Framework and Distribute Assessments in Your Organization
- View Your Organization's Risk Scoring Through the NIST Tiering Lens
- Most Intuitive Way for Compliance With the Framework Navigation Tool
- Always Prepared for the Next Task With Automated Remediation
- Effective Team Work With Drag-and-Drop Control Assignment
- Get Real-Time Critical Alerts That are Specifically Relevant to You
- MSSPs Can Manage Multiple Clients Under One Platform
- Onboard a New Vendor in Just 30 Seconds
- Turn Hours of Work Into Seconds with Centraleyes Vendor Risk Profile
- Always Informed with Centraleyes Domain Benchmarking
- CVE Program Gets a Lifeline—But the Real Story Is Just Starting
- Securing AI Agents: A New Frontier in Cybersecurity
- Spain's Massive Power Outage: A Wake-Up Call for Cybersecurity and Grid Resilience
- Mandiant’s M-Trends 2025: Edge Devices Are Now Prime Targets
- Who’s Snooping on Go1 Robot Dogs?
- Deleting DNA Data From 23andMe
- 12 Hours or Else: Hong Kong’s Cybersecurity Explained
- Chainguard “FIPS” Apache Cassandra
- The Cost of Compliance Theater: DoD Contractor Pays $11.2M for False Cybersecurity Certifications
- Federal Agencies Face Hurdles in Zero-Trust Implementation
- Identity Security Just Got a Major Upgrade
- Security Flaw Found in Patient Monitors: No Fix Yet
- PlugX Malware Network Dismantled
- Patch Now or Pay Later: Android 2025 Update
- Netflix Fined €4.75 Million Over GDPR Transparency Issues
- Did Google Just Change the Rules on Privacy in Healthcare?
- Salt Typhoon Campaign: A Wake-Up Call for U.S. Telecoms and National Security
- When Your Coffee Break Faces a Cyber Threat
- CISOs, It’s Time to Insure Your Role—Literally
- Telecom, Airline, and Utilities Move into Highest Cyber-Risk Category, Says Moody’s
- Under the Mask of Copyright: How Phishing Attacks Are Evolving
- New Indicators of Compromise Revealed for Critical FortiManager Vulnerability
- How Attackers are Using EDRSilencer to Fly Under the Radar
- Operation Token Mirrors
- OpenAI Disrupts 20+ Malicious Campaigns Using AI for Cybercrime and Disinformation
- Is Temu the Next TikTok? House Republicans Sound the Alarm on Data Security
- Hackers Target Cybersecurity Job Seekers
- UK Data Centres Crowned Critical National Infrastructure
- White House and CISA Double Down on Securing Open Source Software: A New Era of Vigilance
- Massive Data Breach Exposes Personal Information of Billions
- Whistle While You Work
- Delta’s Mirror Moment: A Play of Third-Party Reflection
- The Great Cyber Debate: Regulation vs. Innovation
- CrowdStrike Outage
- How is "Materiality" Defined According to the SEC Disclosure Rules?
- Balancing Act: Streamlining Federal Cybersecurity Regulations
- Auto Sales Hit a Cyber Speedbump
- Explainer: The CDK Global Ransomware Attack
- Micro-Managed: AMD Investigates IntelBroker Hack
- Microsoft Puts Recall on Hold
- How to Build a Successful GRC Program to Help Reduce Your Risk Posture
- How to Stay Secure and Compliant in a World of Regulatory turmoil
- Don’t Keep Your Head in the Clouds – How to Protect Yourself from Virtual Risk
- Flash Webinar: How to Know When it's Time to Build a Risk Management Program
- Enhancing Cyber Risk Management Through the Power of Automation - Boutique Webinar
- Flash Webinar: From Technical to Business Risk - How to Communicate With Your Board
- Flash Webinar: What You Can Learn From the SolarWinds Attack to Lower Your Chances of Being Breached
- Flash Webinar: Supply Chain, 3rd-Party Vendors and the Silent Assassin Among Them
- Flash Webinar: Cyber Risk Management - it Doesn't Have to Be So Painful
- Risk Management in Higher Education: Top Challenges and Proven Solutions
- Best 9 Compliance Risk Assessment Tools for 2025
- 9 Methods for Calculating Cybersecurity Risk Scores: A Guide to Risk Analysis
- Top 15 MSSPs to Watch in 2025
- Best 12 SaaS Security Tools to Protect Your Cloud Applications
- ISO 27701 Requirements Explained: How to Enhance Your Privacy Framework
- How Much Does PCI DSS Compliance Cost in 2025?
- The Ultimate ISO 27001 Checklist: Step-by-Step Guide to Simplify Your Compliance Journey
- Best 10 SOC Tools for Security Operations and Threat Detection
- Best 12 PCI Compliance Solutions for Ensuring Compliance in 2025
- 5 Best Cyber Resilience Solutions of 2025
- Mastering the German Federal Data Protection Act (BDSG-New): A Deep Dive
- CMMC Compliance Checklist for 2025: Key Steps and Common Pitfalls to Avoid
- ICFR Best Practices: How to Design and Maintain Strong Financial Controls
- GRC for Building Customer Trust: A Strategic Imperative for Long-Term Success
- PCI DSS Tokenization vs Encryption: Key Differences to Protect Payment Data
- The Full NIST 800 53 Checklist: How to Prepare for an Audit
- Exploring the EU Cybersecurity Certification Scheme: A Guide to Common Criteria
- Cybersecurity Dashboards: Enhancing Security Monitoring and Decision-Making
- The Top 10 AI Compliance Tools of 2025
- The FFIEC’s Origins and Purpose for Banking Industry
- 10 Best ERM Software in 2025: The Complete Guide
- EU Cyber Resilience Act: What You Need to Know
- How Data Visualization Helps Prevent Cyber Attacks
- Types of Risk Assessment Methodologies: Choosing the Right Approach for Your Needs
- NYDFS Cybersecurity Regulation: Dates, Facts and Requirements
- 12 Critical SOC 2 Controls to Support Compliance
- How Does FCPA Compliance Impact Your Business
- New York SHIELD Act: Everything You Need to Know for Compliance
- Common Examples of HIPAA Violations: Understanding Compliance Challenges
- The 13 Best GRC Tools for 2025
- The Top Cybersecurity Breaches in the UAE
- The Goals of Security Compliance
- Comprehensive Third-Party Risk Assessment Checklist for Robust Risk Management
- Workforce Risk Management: Strategies for Mitigating Employee-Related Risks
- Safeguarding Your Business From Social Media Risks
- The Essential Guide to Horizon Scanning in Compliance and Regulatory Frameworks
- Best 5 Third-Party Risk Assessment Platforms
- Best Policy Templates for Compliance: Essential Documents for Regulatory Success
- The SaaS Sprawl of 2025: Tackling the Unseen Security Risks
- Cyber Leaders of the World: Chris Lockery, CISO at Help at Home
- Cyber Leaders of the World: Michael Anderson, CISO at the Dallas Independent School District
- Cyber Leaders of the World: Timothy Spear, Co-Founder and CTO of Whonome
- Cyber Leaders of the World: Marc Johnson, CISO at Impact Advisors
- Cyber Leaders of the World: Craig Williams, CISO at Secure Data Technologies
- Cyber Leaders of the World: Bill Genovese, CIO Advisory Partner at Kyndryl
- Cyber Leaders of the World: Dr. Brian Callahan, Graduate Program Director & Lecturer at ITWS@RPI, and CISO at PECE
- Cyber Leaders of the World: Chris Grundemann, Research Category Lead for Security and Risk at GigaOm
- Cyber Leaders of the World: Barak Blima, CISO at CHEQ
- Cyber Leaders of the World: Tony Velleca, CEO at CyberProof and CISO at UST
- Cyber Leaders of the World: Rob Black, CEO and Founder of Fractional CISO
- Cyber Leaders of the World: Zachary Lewis, CISO at the University of Health Sciences and Pharmacy in St. Louis
- Cyber Leaders of the World: Dan Wilkins, CISO at the State of Arizona
- Cyber Leaders of the World: Sagar Narasimha, CISO at Amagi
- Cyber Leaders of the World: Seema Sharma, Global Head of Information Security & Data Privacy at Servify
- Cyber Leaders of the World: Shay Siksik, VP of Customer Experience at XM Cyber
- Cyber Leaders of the World: Raz Karmi, CISO at SimilarWeb
- Supplier Performance Risk System (SPRS)
- Audit Exception
- Managed Security Service Provider
- PA-DSS
- Cybersecurity Benchmarking
- Cardholder Data Environment
- C3PAO
- ISO 27001 Annex A Controls
- Trust Center
- ISO 27001 Surveillance Audit
- ISO 27001 Internal Audit
- NACHA Compliance
- Microsoft SSPA
- Information Security Compliance
- Privacy Threshold Assessment
- Incident Response Model
- GRC Maturity Model
- Risk Control Matrix
- HIPAA Employee Training
- Vendor Scorecard
- Threat Intelligence Platform
- Standard Contractual Clauses
- NIS Regulations
- Living-Off-the-Land Attacks
- GRCaaS
- Discretionary Access Control (DAC)
- Covered Defense Information (CDI)
- AI Secure Development
- Approved Scanning Vendor (ASV)
- Law Enforcement Sensitive (LES)
- Content Delivery & Security Association
- Report on Compliance (ROC)
- OT Cyber Risk Framework
- Unified Privacy Framework
- Data Subprocessor
- Threat-Based Risk Assessment
- Semi-Quantitative Risk Assessment
- Vulnerability-Based Risk Assessment
- Risk Management Strategy
- Authorization to Operate (ATO)
- What Should Be Included in a Security Policy?
- What is the first step of PCI DSS compliance?
- What's the Difference Between TX-RAMP, StateRAMP, and FedRAMP?
- What are the ISO Standards for AI
- What’s the difference between NIST 800-53 and NIST 800-171?
- Which AI Compliance frameworks can I choose?
- What is the difference between cloud governance and cloud compliance?
- What are the types of compliance risk?
- What are the benefits of continuous risk management?
- What is the difference between risk assessment and risk analysis?
- What are the Benefits of cyber risk quantification?
- How to Achieve Continuous Compliance?
- How do you implement continuous controls monitoring?
- What is a maturity assessment process?
- What are the different types of compliance management tools?
- What are the Differences Between Internal and External Penetration Testing?
- What is the difference between proactive and reactive risk management?
- Why is a data retention policy important?
- What is the operational risk management process?
- How to implement the COSO framework?
- How do you perform a cyber security risk assessment?
- How to develop an enterprise risk management framework?
- How do you respond to a security questionnaire?
- What are the main steps in the threat modeling process?
- What exactly is considered PHI according to HIPAA?
- What does the PCI Compliance Auditor Look At?
- How to Detect and Prevent Data Leakage?
- What are the Challenges Associated with Cloud Security Management?
- How Many Techniques Are There in MITRE Att&ck?
- What Are the Benefits of Conducting a Risk Assessment?
- What are the categories of controls in ISO 27001?
- How Does ABAC Differ From Other Access Control Models?
- What Does a Compliance Management System Look Like?
- What Are the NIST CSF Implementation Tiers?
- What is the Purpose of Compliance Attestation?
- How do I become NIST 800-171 compliant?
- Why are the three rules of HIPAA necessary?
- What are the seven categories of risk?
- What are the Six Types of Vulnerability Scanning?
- Which are the most important compliance frameworks?
Resources | News & Updates
CVE Program Gets a Lifeline—But the Real Story Is Just Starting
Last month, the cybersecurity world got a wake-up call: the backbone of global vulnerability tracking—the CVE program—almost…
Securing AI Agents: A New Frontier in Cybersecurity
As RSA Conference 2025 just wrapped up, one thing’s clear: AI agents are everywhere—and apparently, they need…
Spain's Massive Power Outage: A Wake-Up Call for Cybersecurity and Grid Resilience
On April 28, 2025, Spain, Portugal, and parts of France experienced an unprecedented power outage, leaving millions…
Mandiant’s M-Trends 2025: Edge Devices Are Now Prime Targets
Key Takeaways from Mandiant’s M-Trends 2025 There’s a certain irony that’s hard to ignore in Mandiant’s latest…
Who’s Snooping on Go1 Robot Dogs?
Unitree Robotics, a China-based manufacturer, has been caught up in a major security scare. Two researchers uncovered…
Deleting DNA Data From 23andMe
23andMe, the prominent consumer genetic testing company, filed for Chapter 11 bankruptcy on March 23, 2025, due…
12 Hours or Else: Hong Kong’s Cybersecurity Explained
Hong Kong has officially enacted a new cybersecurity law aimed at securing critical infrastructure, a move that…
Chainguard “FIPS” Apache Cassandra
Chainguard modified Cassandra so organizations needing FIPS-approved encryption can finally use it—without risky workarounds or costly custom…
The Cost of Compliance Theater: DoD Contractor Pays $11.2M for False Cybersecurity Certifications
Cybersecurity compliance isn’t just a box to check—it’s a commitment to protecting sensitive data. But for Health…
Federal Agencies Face Hurdles in Zero-Trust Implementation
The push for zero trust architecture is intensifying, but federal agencies are encountering significant challenges in making…
Identity Security Just Got a Major Upgrade
CyberArk, a leader in privileged access management, has announced the acquisition of Zilla Security, a cloud-native identity…
Security Flaw Found in Patient Monitors: No Fix Yet
In a concerning development for healthcare cybersecurity, the FDA and CISA have issued urgent advisories about two…
PlugX Malware Network Dismantled
A coordinated effort by U.S. and international law enforcement agencies has dismantled the PlugX malware network, removing…
Patch Now or Pay Later: Android 2025 Update
Android’s first security update of the year just dropped, tackling five critical vulnerabilities that could let attackers…
Netflix Fined €4.75 Million Over GDPR Transparency Issues
Netflix has been hit with a €4.75 million fine by the Dutch Data Protection Authority (DPA). The…
Did Google Just Change the Rules on Privacy in Healthcare?
This week, the UK Court of Appeal delivered its verdict: Google’s 2015 data-sharing deal with the Royal…
Salt Typhoon Campaign: A Wake-Up Call for U.S. Telecoms and National Security
A disturbing new cybersecurity incident has raised alarms across U.S. telecoms, with revelations this week about a…
When Your Coffee Break Faces a Cyber Threat
What happens when the backbone of global operations—supply chain software—comes under attack? Starbucks and leading UK supermarkets…
CISOs, It’s Time to Insure Your Role—Literally
Traditionally, insurance policies like Directors and Officers (D&O) liability insurance didn’t cover the personal liabilities of CISOs.…
Telecom, Airline, and Utilities Move into Highest Cyber-Risk Category, Says Moody’s
Telecommunications, airlines, and utilities are now in the “highest cyber-risk” category, according to Moody’s latest cyber risk…
Under the Mask of Copyright: How Phishing Attacks Are Evolving
Fake copyright infringement notices are sweeping across inboxes globally, hitting hundreds of companies with a new and…
New Indicators of Compromise Revealed for Critical FortiManager Vulnerability
Fortinet has alerted customers to four new indicators of compromise (IoCs) related to a widely exploited zero-day…
How Attackers are Using EDRSilencer to Fly Under the Radar
Threat actors are now leveraging the open-source EDRSilencer tool to undermine endpoint detection and response (EDR) solutions,…
Operation Token Mirrors
In a groundbreaking operation known as Operation Token Mirrors, the FBI launched a fake cryptocurrency company, NexFundAI,…
OpenAI Disrupts 20+ Malicious Campaigns Using AI for Cybercrime and Disinformation
In a bold move to combat the growing threat of AI-driven cybercrime, OpenAI recently announced the disruption…
Is Temu the Next TikTok? House Republicans Sound the Alarm on Data Security
In the wake of the TikTok controversy, another Chinese tech giant is under scrutiny—Temu. This online marketplace…
Hackers Target Cybersecurity Job Seekers
For over a year, North Korean state-sponsored hackers, specifically the Lazarus Group, have been targeting Python developers…
UK Data Centres Crowned Critical National Infrastructure
The UK government has elevated data centres to the status of “Critical National Infrastructure” (CNI), putting them…
White House and CISA Double Down on Securing Open Source Software: A New Era of Vigilance
In April, the tech world faced a concerning incident involving XZ Utils, a widely used open-source compression…
Massive Data Breach Exposes Personal Information of Billions
A data breach at National Public Data, a relatively obscure but widely connected company, has exposed 272…
