When blaming the user for a security breach is unfair – or just wrong

8 things to consider amid cybersecurity vendor layoffs

How to build a public profile as a cybersecurity pro

Advertisement

skull and crossbones in binary code

Flaws in MegaRAC baseband management firmware impact many server brands

The newly discovered vulnerabilities could allow attackers to gain control of servers that use AMI's MegaRAC BMC firmware.

security threat / hacker / attack

Action1 launches threat actor filtering to block remote management platform abuse

Action1 says remote management platform can now identify and terminate any attempt at misuse by attackers.

digital twins woman in profile ai mirror duplicate duo pair

The cybersecurity challenges and opportunities of digital twins

The virtual representation of objects or systems through digital twins provide organizations greater insight into their assets but it can also invite malicious actors.

and Alex Korolov

Advertisement

lorimerlite framework structure build construction

The changing role of the MITRE ATT@CK framework

Organizations are using the MITRE ATT@CK framework as more than a security operations reference architecture, adding new use cases and making it part of strategic future plans.

Cyber insurance > Umbrella hub protecting connected devices + online activities in binary world.

What you should know when considering cyber insurance in 2023

When even the best-laid cybersecurity plans fail, cyber insurance can help mitigate an organization’s exposure to financial and operational risk—but the insurance landscape is shifting with the times.

healthcare technology / medical data

Palo Alto Networks looks to shore up healthcare IoT security

Machine-learning based visibility and monitoring are at the heart of the cybersecurity company’s new healthcare-focused, add-on application to its core firewall products.

blame 174280704

When blaming the user for a security breach is unfair – or just wrong

Training non-tech savvy users to recognize phishing and other credential-based attacks is essential but expecting employees to man the front lines against intrusions is a mistake, experts say. Harmony between staff psychology and...

conference / convention / audience / applause / clapping

The CSO guide to top security conferences

Tracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.

post 12 image three ways that security in the azure cloud just got simpler

Researchers found security pitfalls in IBM’s cloud infrastructure

A demonstrated attack by cybersecurity researchers in IBM’s cloud infrastructure allowed them access to the internal server used to build database images for customer deployments.

Binary chain links of data > Blockchain / blockchain security / linked elements

Software projects face supply chain security risk due to insecure artifact downloads via GitHub Actions

Cybersecurity researchers found risks in the GitHub Actions platform that could enable attackers to inject malicious code into software projects and initiate a supply chain attack.

Advertisement

manager scanning workforce data via antimalware picture id1022805724

8 things to consider amid cybersecurity vendor layoffs

Cybersecurity vendor layoffs raise several issues for CISOs and customers, not the least of which are security and risk-related factors. Here are 8 things to consider if your security vendor has announced significant staff cuts.

4 encryption keys

Fortanix unveils AWS integration for centralized key management

Multicloud users have a new option for encryption key management across platforms, with the news that Fortanix has now integrated AWS support.

10 cloud security breach virtualization wireless

AWS' Inspector offers vulnerability management for Lambda serverless functions

AWS announces new cybersecurity features in Amazon Inspector and Amazon Macie at AWS Re:Invent 2022 in Las Vegas.

padlock domain name system dns security data center lock icann

AWS launches new cybersecurity service Amazon Security Lake

The service automatically centralizes security data from cloud and on-premises sources into a purpose-built data lake in a customer’s AWS account.

A ladder extends into clouds in the sky. [ growth /expansion / opportunity / growth ]

5 top qualities you need to become a next-gen CISO

The world of cybersecurity changes quickly. If you want to be at the top of your game, a next-generation (“next-gen” in IT-speak) CISO, you should consider these guidelines for building and maintaining the skills and relationships...

From Our Advertisers