8 data protection gdpr

European nations issue record €1.1 billion in GDPR fines

Authorities across Europe issued huge amounts in GDPR fines during 2021. Luxembourg and Ireland took up the top spot, replacing Italy and Germany.

security system vulnerabilities - a grid of locks with several unlocked

Access broker found exploiting Log4j vulnerability in VMware

The Prophet Spider gang uses the Log4Shell vulnerability to target the Tomcat service in unpatched VMware Horizon systems.

Conceptual image of a network labeled 'Zero Trust.'

OMB issues zero-trust strategy for federal agencies

All federal agencies must meet zero-trust goals that the U.S. Office of Management and Budget has set by 2024, building on earlier federal cybersecurity initiatives.


security threat - circuit board-hand knocking over a chess piece

12 steps to take when there’s an active adversary on your network

These steps will help you respond quickly, without letting a crisis turn into chaos.

Conceptual image of a network of executives / silhouettes of executives in motion.

New US CISO appointments, January 2022

Keep up with news of CSO, CISO, and other senior security executive appointments.

Linux security shield

Serious PwnKit flaw in default Linux installations requires urgent patching

Attackers could gain root privileges by compromising any regular user account. Workarounds are available, patches on their way.

Edge Computing

SASE in the spotlight as businesses prioritize edge network security

A new report discovers edge network definitions are in flux across industries as organizations look to augment traditional security controls to address edge network risks.

fragile binary cyberattack risk vulnerable

How to defend Windows networks against destructive cyberattacks

Defending against attacks intended to destroy systems rather than steal or extort requires a different approach, as Russia's cyberattacks against Ukraine demonstrate.

Global geopolitical vectors

Data residency laws pushing companies toward residency as a service

Many countries now require companies that operate within its boundaries to store data on their residents locally. Using residency-as-a-service providers is becoming an important option.

3 the vertical market fintech stock market graph

SEC eyes more expansive cybersecurity requirements

New rules for publicly traded companies could add protections for consumer information, strengthen incident reporting, and require assessment of third-party risk.


An engineer reviews strategy framework data.

Using the NIST Cybersecurity Framework to address organizational risk

NIST's CSF, used with other guidance, can help map risk to actual threats and better comply with security mandates such as the U.S.'s cybersecurity executive order.

high priority gauge

Prioritizing and remediating vulnerabilities in the wake of Log4J and Microsoft's Patch Tuesday blunder

Vulnerability disclosures often come in bunches, and unvetted patch updates can create their own problems. Here's how to assess and prioritize both.

security school education binary code classroom by skynesher getty

Education sector hounded by cyberattacks in 2021

The education and research sector recorded a 75% year-on-year increase in cyberattacks as the move to working from home enlarged the attack surface and opened up new vulnerabilities.

Russian flag overlay / mobile phone / wireless signals / data

High anxiety spreads among Russian criminal groups in wake of REvil raid

Fearful chatter reveals unprecedented concern about future criminal operations, though some doubt Russia's commitment to stopping ransomware.

hand writing on chalkboard showing myth vs fact

22 cybersecurity myths organizations need to stop believing in 2022

Security teams trying to defend their organizations need to adapt quickly to new challenges. Yesterday’s buzzwords and best practices have become today’s myths.