Security Practices
Accenture, IBM, Mandiant join Elite Cyber Defenders Program to secure critical infrastructure
Led by Nozomi Networks, the program aims to provide global industrial and government customers with cybersecurity defense tools, incident response teams, and threat intelligence.
The classified document leak: let’s talk about Jack Teixeira’s need-to-know
The release of classified documents by a US Air National Guardsman highlights how important it is for CISOs to consider who should have access to sensitive data and why.
Why reporting an incident only makes the cybersecurity community stronger
CISOs and cyber leaders may not see reporting a breach as the most pleasant of tasks, but experts say mandatory and voluntary sharing of intelligence around incidents can only improve the readiness and resilience of responders.
New Rorschach ransomware hits with unique features and very fast encryption
Researchers say the recently discovered strain raises the bar by automating some intrusion processes and moving very quickly compared to other attacks.
Views of a hot cyberwar — the Ukrainian perspective on Russia’s online assault
A report from Ukraine’s cybersecurity service reveals insight into what the country has been facing from belligerent attackers and holds a lesson for CISOs.
5 cyber threats retailers are facing — and how they’re fighting back
Ransomware, point-of-sale hacks, and supply chain threats are just a few of the worries for today’s retailers. The stakes are high when you’re handling big money and reams of consumer data.
UK bans TikTok on government devices over data security fears
The UK has joined international partners in banning social media app TikTok from government electronic devices over concerns the Chinese-owned app could pose a security risk.
Dell beefs up security portfolio with new threat detection and recovery tools
Dell Technologies has added improved MDR capabilities, cloud-based component verification, and a new cyber recovery solution along with a partnered threat management offering.
Best and worst data breach responses highlight the do's and don'ts of IR
There are right ways and wrong ways to deal with a cyberattack. Here’s a look back at some of the most egregious and laudable responses by security teams in recent memory.
Evolving cyberattacks, alert fatigue creating DFIR burnout, regulatory risk
Digital forensics and incident response teams face increasing workloads amid evolving cyberattacks, recruiting and hiring challenges, and a lack of effective automation.
Plan now to avoid a communications failure after a cyberattack
CISOs should take the lead to develop a post-cyberattack communications plan that accurately informs stakeholders and instills confidence in their organizations' response.
Will your incident response team fight or freeze when a cyberattack hits?
CISOs train their teams to fight hackers but often overlook the human tendency to freeze up during a crisis. Planning for the psychology of incident response can help prevent a team from seizing up at the wrong moment.
ServiceNow to detect open source security vulnerabilities with Snyk integration
ServiceNow Vulnerability Response users will now have access to Snyk’s product that scans open source code during the development process.
Social media use can put companies at risk: Here are some ways to mitigate the danger
Using social media can expose company and employee data, and misuse could harm organizational reputation. Here are some tips that can help reduce the risk.
MTTR “not a viable metric” for complex software system reliability and security
Verica Open Incident Database Report suggests mean time to resolve should be retired and replaced with other metrics more appropriate for software systems and networks.
When blaming the user for a security breach is unfair – or just wrong
Training non-tech-savvy users to recognize phishing and other credential-based attacks is essential, but expecting employees to man the front lines against intrusions is a mistake, experts say. Harmony between staff psychology and...
EU Council adopts NIS2 directive to harmonize cybersecurity across member states
The NIS2 directive replaces NIS as EU Council seeks to improve resilience and incident response capacities in the EU.
Almost half of customers have left a vendor due to poor digital trust: Report
New research from DigiCert has found that digital trust is a key driver of customer loyalty, with 84% of customers saying they would consider leaving a vendor that did not manage digital trust.