Features

4 strategy game-changers for finding cybersecurity talent

Some CISOs are shaking up their staffing plans to address the challenges of recruiting, hiring and retaining cybersecurity workers – and finding success in their moves.

In-app browser security risks, and what to do about them

Data security and privacy risks surrounding in-app browsers have been making headlines. These are the threats they pose and steps needed to minimize them.

How Azure Active Directory opens new authentication risks

Hybrid cloud identity and access management services add complexity to network authentication processes and opportunity for attackers, as recently demonstrated for Azure AD.

Top 12 managed detection and response solutions

These MDR services offer human and machine monitoring of your network to identify and respond to the most likely threats.

Resolving conflicts between security best practices and compliance mandates

Sometimes the latest security best practices don't align with an organization's compliance templates. These are some of the areas where you might need an exception.

Key takeaways from the Open Cybersecurity Schema Format

The OCSF looks to standardize and normalize the data that cybersecurity tools generate with the goal of making them work better together.

John Deskurakis, Chief Product Security Officer (CPSO), Carrier Global Corp.

How Carrier’s product security team delivers the ‘right support for the right product’

Carrier CPSO John Deskurakis developed a framework for product security that works for the lifecycle of all products across all business lines.

Russia-linked cyberattacks on Ukraine: A timeline

Cyber incidents are playing a central role in the Russia-Ukraine conflict. Here's how events are unfolding along with unanswered questions.

Why patching quality, vendor info on vulnerabilities are declining

It's getting harder to assess the impact of patching or not patching, and too many patches don't fully fix the problem. It's time to pressure vendors.

What is the cost of a data breach?

The cost of a data breach is not easy to define, but as more and more organizations fall victim to attacks and exposures, the financial repercussions are becoming clearer.

6 best practices for blue team success

Every stakeholder, from the CISO to even the red team, wants the blue team to succeed against simulated cyberattacks. Sticking to this advice will help make that happen.

7 critical steps for successful security onboarding

Creating a culture of security starts on day one, say veteran security leaders. Here’s their advice for making that initial security training more effective.

How ABM built a cohesive security program around zero trust

CISO Stephanie Franklin-Thomas advances ABM’s security program with a holistic approach to zero trust, putting equal emphasis on people, process, and technology.

Ransomware safeguards for small- to medium-sized businesses

Following these 40 safeguards from the Institute for Security and Technology will help protect SMBs from ransomware and other malware attacks.

What is zk-SNARK?

An intro to the most popular zero-knowledge protocol

Vulnerability eXploitability Exchange explained: How VEX makes SBOMs actionable

VEX adds context to software vulnerabilities to better inform risk assessment decisions.

3 ways China's access to TikTok data is a security risk

The security community weighs in on real-world scenarios in which China or other nations could operationalize data collected by online platforms and how to mitigate the risk.

Top 5 security risks of Open RAN

Open RAN enables interoperability among hardware, software, and interfaces used in cellular networks but also changes their attack surface.

Black Basta: New ransomware threat aiming for the big league

The Black Basta ransomware gang has reached a high level of success in a short time and is possibly an offshoot of Conti and REvil.

37 hardware and firmware vulnerabilities: A guide to the threats

Meltdown and Spectre raised the alarm over vulnerabilities that attackers can exploit in popular hardware and its firmware. This list, though not comprehensive, presents the most significant threats.
