Advertisement

A multitude of arrows pierce a target. [numerous attacks / quantity / severity]

7 best practices for enterprise attack surface management

Follow this advice to minimize vulnerabilities and give threat actors fewer opportunities to compromise your organization's network and devices.


hsm shredder

IT asset disposal is a security risk CISOs need to take seriously

Sensitive company and personal data often leaves organizations on disposed devices. An auditable chain of custody that shows data destruction is essential for any ITAD program.


A group discussion takes place in a glass conference room, in a busy office workspace.

Tabletop exercises explained: Definition, examples, and objectives

A tabletop exercise is an informal, discussion-based session in which a team or discusses their roles and responses during an emergency, walking through one or more example scenarios.


Advertisement

technology debt drowning in debt piggy bank by romolo tavani hudiem getty images

7 ways technical debt increases security risk

Shoddily developed and deployed projects can leave your enterprise vulnerable to attacks. Here's how to stop technical debt from sending your organization to the cyber-poorhouse.


The Next Reality Virtual Event

Live Virtual Event

Cyberattacks are getting more frequent and more complex, and it’s not a case of if your organisation will be attacked, it’s when.Despite the devastation caused by large scale attacks, many company boards still don’t see cybersecurity as a key issue, an area of the business that needs greater investment.

Cybersecurity awareness  >  A man with a binary blindfold finds his way through question marks.

Report: Active Directory Certificate Services a big security blindspot on enterprise networks

Microsoft's Active Directory PKI component commonly have configuration mistakes that allow attackers to gain account and domain-level privileges.


healthcare data breach / medical patient privacy security violation

5 biggest healthcare security threats for 2021

Healthcare organizations can expect ransomware, botnets, cloud misconfigurations, web application attacks, and phishing to be their top risks.


A hook is cast at laptop email with fishing lures amid abstract data.

4 steps to prevent spear phishing

Your users are in the crosshairs of the best attackers out there. Follow these steps to better protect them.


CSO  >  Searching for vulnerabilities  >  Magnifying lens in a virtual interface idnetifies weakness

Thousands of publicly accessible VMware vCenter Servers vulnerable to critical flaws

With proofs of concept public, attackers are likely exploiting this vulnerability weeks after patches were released.


ransomware breach hackers dark web

Unique TTPs link Hades ransomware to new threat group

New research exposes details of Gold Winter threat group that links it to the infamous Hades ransomware.


Advertisement

Insider threats  >  Employees suspiciously peering over cubicle walls

Security firm COO indicted for allegedly aiding hospital's attackers: What CSOs should know

A grand jury has indicted Securolytics COO Vikas Singla for allegedly helping attackers access Gwinnett Medical Center's phone system and printers. This breach of trust presents a dilemma for CISOs.


Microsoft Windows security  >  Windows laptop + logo with binary lock and key

Best new Windows 10 security features: Improvements to Intune, Windows Defender Application Guard

Here's what you need to know about each security update to Windows 10 as they roll out from Microsoft. Now updated for the 21H1 feature release.


Tech Spotlight   >   Cloud [IFW / Overview]   >   Clouds reflected in a towering modern skyscraper.

The great cloud computing surge

Driven in part by the pandemic, cloud computing adoption has reached new heights. These five articles take a close look at the implications.


Tech Spotlight   >   Cloud [CSO]   >   Conceptual image of laptop users with cloud security overlay.

AWS, Google Cloud, and Azure: How their security features compare

Each cloud platform differs in the security tools and features it offers customers to help them protect their cloud assets.


DDOS attack

New DDoS extortion attacks detected as Fancy Lazarus group returns

After operating under other names, Fancy Lazarus has fine-tuned its DDoS extortion campaigns, although with mixed results.