UNITED STATES

Welcome! Here are the latest Insider stories.

More Insider Sign Out

Security Practices

Security Practices | News, how-tos, features, reviews, and videos

database data center network security

Feature

12 database security landmines, failures, and mistakes that doom your data

Lapses in protecting databases are common and attackers know it. Here are the top database weaknesses they try to exploit.

forensics threat hunter cyber security thumbprint

Feature

How Windows admins can get started with computer forensics

Analyzing forensics logs requires a unique approach. Here are the basics of what you need to know and the tools to use.

high priority gauge

Feature

CISOs’ 15 top strategic priorities for 2021

Mitigating third-party risk, baking security into the development process, defending against ransomware attacks, keeping pace with digital transformation efforts—these are just a few things that are top-of-mind for CISOs today.

fail epic fail disaster disrupt upset angry thinkstock

Feature

Opsec examples: 6 spectacular operational security failures

Even savvy dark web denizens sometimes fail to cover their tracks.

A user reviews data and statistical models. [analytics / analysis / tracking / monitoring / logging]

Feature

5 best practices for designing application logs

Better logs make it easier to distinguish between critical data and noise. Here's how to design logs with security in mind.

Unitd States cybersecurity > U.S. flag with a digital network of locks instead of stars

News Analysis

CISA unveils Joint Cyber Defense Collaborative with tech heavyweights as first private partners

The new initiative aims to provide organizations with unprecedented levels of information and context with an initial focus on ransomware and incident response for cloud providers.

a hand holds an open book from which abstract letters emerge

Feature

Mitre D3FEND explained: A new knowledge graph for cybersecurity defenders

D3FEND is a new schema released by Mitre last month to establish a common language to help cyber defenders share strategies and methods. It is a companion project to the company’s ATT&CK framework.

typewriter are you ready prepare contingency disaster recovery

How-To

Tabletop exercises: Six sample scenarios

Tabletop exercises are a low-stress, high-impact way to test your plans for handling a crisis. Here are some tips for getting the most out of the process, plus six scenarios you can use to start your journey.

hsm shredder

Opinion

IT asset disposal is a security risk CISOs need to take seriously

Sensitive company and personal data often leaves organizations on disposed devices. An auditable chain of custody that shows data destruction is essential for any ITAD program.

A group discussion takes place in a glass conference room, in a busy office workspace.

Feature

Tabletop exercises explained: Definition, examples, and objectives

A tabletop exercise is an informal, discussion-based session in which a team or discusses their roles and responses during an emergency, walking through one or more example scenarios.

7 response plan be prepared are you ready typewriter

Feature

10 things to do now to reduce the cost of your next data breach

Taking these steps will save money, time, and reputation when that next breach hits.

8 getting breached is bad for business

Feature

Minimizing damage from a data breach: A checklist

How you respond to a data breach and the amount of damage it causes depends on how well prepared you are. Have you done everything on this list?

Multi-factor authentication (MFA) / two-factor authentication (2FA) / one-time security code

Feature

Can WebAuthn and U2F finally give us safe and easy Two-Factor authentication?

Using your smartphone for two-factor authentication is easy, but it's not as secure as you might think. The real future for secure 2FA lies in the WebAuthn and Universal 2nd Factor standards.

puzzle pieces / network / connections / component parts of a whole / microservices

Cybersecurity SnippetsBy Jon Oltsik

Why XDR must include MDR

Technology alone isn't enough; organizations need help with security operations.

mobile security / threat detection / traffic analysis

Cybersecurity SnippetsBy Jon Oltsik

XDR is coming: 5 steps CISOs should take today

Beyond threat detection and response, CISOs should think of XDR as an opportunity to modernize the SOC, automating processes, and improving staff productivity. Here's your XDR game plan for 2021.

security audit - risk assessment - network analysis

Feature

Microsoft 365 Advanced Audit: What you need to know

Microsoft's powerful new auditing options will help detect intrusions and see what was accessed...if you've paid for the right licenses.

audit binary compliance magnifying glass investigate

Feature

5 ways to combat audit fatigue

The growing number of audits for security and privacy regulatory compliance is stressing security personnel and draining resources from security operations. Here's how to better manage them.

Strategy > Moving chess pieces as abstract data overlays the game

Feature

5 ways attackers counter incident response, and how to stop them

IR has become a chess match with attackers who can cleverly spoil responders' efforts and keep a foothold in systems. Here's how they do it and how to kick them out for good.

Load More

Popular Resources

White Paper

2020 Forrester State of Security Operations
White Paper

Find Your Competitive Advantage by Prioritizing Key Technology Investments
White Paper

Worldwide Security as a Service Forecast, 2021–2025
Video/Webcast
Sponsored

Managing Insider Risk with a Hybrid Workforce Featuring Forrester Research
eGuide
Sponsored

A Comprehensive Guide to Building a Pentest Program

See All

Most Popular

3 former US intel officers turned cyber mercenaries plead guilty: An insider...

BrandPosts

Sponsored by CIS

The 5 Ws for Building a Strong Cybersecurity Plan
Sponsored by Sophos

The Way Forward: 5 Security Fixes to Support a Hybrid Workforce