Security Practices

Security Practices | News, how-tos, features, reviews, and videos

cyber attack alarm alert
security vulnerabilities such as hackers and cyberattacks

Social media threats / risks / dangers / headaches  >  Text bubbles bearing danger signs

Social media use can put companies at risk: Here are some ways to mitigate the danger

Using social media can expose company and employee data, and misuse could harm organizational reputation. Here are some tips that can help reduce the risk.

noops code developer devops html web developer by mazimusnd getty

MTTR “not a viable metric” for complex software system reliability and security

Verica Open Incident Database Report suggests mean time to resolve should be retired and replaced with other metrics more appropriate for software systems and networks.

blame 174280704

When blaming the user for a security breach is unfair – or just wrong

Training non-tech savvy users to recognize phishing and other credential-based attacks is essential but expecting employees to man the front lines against intrusions is a mistake, experts say. Harmony between staff psychology and...

European Union, EU

EU Council adopts NIS2 directive to harmonize cybersecurity across member states

The NIS2 directive replaces NIS as EU Council seeks to improve resilience and incident response capacities in the EU.

analytics mistrust 2

Almost half of customers have left a vendor due to poor digital trust: Report

New research from DigiCert has found that digital trust is a key driver of customer loyalty, with 84% of customers saying they would consider leaving a vendor that did not manage digital trust.

audit binary compliance magnifying glass investigate

How to prepare for a SOC 2 audit – it’s a big deal, so you’d better get ready

Getting ready for one of the most demanding review processes in cybersecurity can be daunting, but experts say preparing for a SOC 2 audit can be an important part of a well-managed year-round security program.

cloud security

Tenable aims to unify your cybersecurity with exposure management platform

Tenable tackles the issue of siloed security apps with a cloud-based exposure management system that pulls in data from diverse types of systems that track a company’s digital assets and identify vulnerabilities.

Woman executive with security lock

A third of enterprises globally don’t prioritize digital trust: ISACA

There are significant gaps between what enterprises are doing and what they should do to earn customer trust in their digital ecosystems, according to information systems security group ISACA.

nycrr cybersecurity gavel regulation compliance law nyc statue of liberty

CISA launches incident, ransomware reporting rulemaking RFI

The U.S. Cybersecurity and Infrastructure Security Agency seeks input on a common set of cybersecurity incident reporting regulations.

woman teaching class presentation collaboration

7 critical steps for successful security onboarding

Creating a culture of security starts on day one, say veteran security leaders. Here’s their advice for making that initial security training more effective.

Tech Spotlight   >   Cloud [CSO]   >   Conceptual image of laptop users with cloud security overlay.

Palo Alto debuts Unit 42 team for managed detection and response

Live expert service builds on Palo Alto’s Cortex extended detection and response (XDR) platform provide, offering a managed detection and response (MDR) team for more personalized cybersecurity management and incident response.

Zoom video conferencing  >  One user connected via laptop showing a grid of remote participants.

5 best practices for secure collaboration

How successful companies are facing the challenges of securing emerging communication technologies.

A network of digital connections extend broadly across layers of city highways / routing paths.

Defense in depth explained: Layering tools and processes for better security

Defense in depth is a security strategy in which multiple security tools, mechanisms, and policies are deployed in tandem on the assumption that if one fails, another will hold.

Conceptual rescue / recovery image   >   A flotation device drifts on a binary sea.

Best practices for recovering a Microsoft network after an incident

Follow this advice to minimize stress when recovering credentials, systems and settings after a ransomware or other cyberattack.

A laptop user works securely behind a firewall.

Cybersecurity is a constant fire drill—that’s not just bad, it’s dangerous

Security efforts based on heroism and tribal knowledge can’t scale. CISOs must address this situation as soon as possible.

Team member extends all hands in for a huddle. [unity / teamwork / trust / diversity / inclusion]

Sophos unifies threat analysis and response units into X-Ops team

Cybersecurity vendor Sophos reorganized three prominent organizational teams into a single new entity, for more efficient responses to modern threats.

diverse group people collaborate using Post-It notes to strategize on a glass wall

How to conduct a tabletop exercise

Testing your security policies and procedures in real-life scenarios can help you improve your security posture—if you implement the lessons learned.

A hand reaches to activate controls marked with gear icons [ process / update / fix / automate ]

New Flashpoint offering automates incident response workflows

Low-code platform enables security teams to build security workflows with drop-and-drag ease.

Load More
You Might Also Like