Features

Microsoft Exchange ProxyNotShell vulnerability explained and how to mitigate it

Understand why ProxyNotShell is different from ProxyShell and why mitigation advice has changed.

How acceptable is your acceptable use policy?

If users resent, fear, or ignore policies around the use of corporate resources, it may be time for a different approach that incentivizes rather than punishes.

14 lessons CISOs learned in 2022

The coming new year is a good moment for chief information security officers to reflect on what they've learned this year and how to apply this knowledge going forward.

Microsoft's rough 2022 security year in review

The ubiquity of Microsoft technology in organizations big and small makes it a target for attack. These are the most important vulnerabilities and fixes from 2022 that admins need to know.

Athletic shoe maker Brooks runs down cyberattacks with zero-trust segmentation

Protecting the most vital areas of the network first is a practical, doable defense, Brooks found when it implemented Illumio Core’s zero-trust segmentation platform.

The cybersecurity challenges and opportunities of digital twins

The virtual representation of objects or systems through digital twins provides organizations greater insight into their assets, but it can also invite malicious actors.

What you should know when considering cyber insurance in 2023

When even the best-laid cybersecurity plans fail, cyber insurance can help mitigate an organization’s exposure to financial and operational risk—but the insurance landscape is shifting with the times.

When blaming the user for a security breach is unfair – or just wrong

Training non-tech-savvy users to recognize phishing and other credential-based attacks is essential, but expecting employees to man the front lines against intrusions is a mistake, experts say. Harmony between staff psychology and...

8 things to consider amid cybersecurity vendor layoffs

Cybersecurity vendor layoffs raise several issues for CISOs and customers, not the least of which are security and risk-related factors. Here are 8 things to consider if your security vendor has announced significant staff cuts.

What is Ransom Cartel? A ransomware gang focused on reputational damage

The group combines data encryption with data theft and threatens to release stolen information on its website. But Ransom Cartel ups its game by threatening to send sensitive information to victims' partners, competitors, and news...

How to build a public profile as a cybersecurity pro

High-profile cybersecurity professionals share their paths, tips, and learnings for those interested in creating a personal brand.

Top 7 CIAM tools

Customer identity and access management (CIAM) is the basis for improving management and control of third parties’ access to a business. Here are the top seven CIAM tools currently on the market.

EPSS explained: How does it compare to CVSS?

The Exploit Prediction Scoring System has its shortcomings, but it can complement CVSS to help better prioritize and assess vulnerability risk.

Online retailers should prepare for a holiday season spike in bot-operated attacks

On the naughty list this year are a host of bad actors employing a huge variety of different bot attacks that can have a big impact on retail websites. Fortunately, there are steps cybersecurity professionals can take to mitigate the...

Know thy enemy: thinking like a hacker can boost cybersecurity strategy

Putting on a red hat and trying to understand the motivations, expectations, behaviors, and goals of bad actors can be a key part of a solid cybersecurity plan.

How remote working impacts security incident reporting

Security teams must update their security incident reporting policies and processes to account for remote work or risk exposure to increased threats.

Android security: Which smartphones can enterprises trust?

A broad range of vendors means a broad range of security issues to understand and assess. But three Android vendors meet the highest security standards — and one should be avoided.

Build a mature approach for better cybersecurity vendor evaluation

Establishing a thorough, well-planned in-house strategy for assessing cybersecurity vendors and their products is a hallmark of an organization’s maturity and can avoid hassles, headaches, and unnecessary expense.

How Cisco keeps its APIs secure throughout the software development process

Cisco’s API-for-an-API project unifies API security tools and weaves security through all stages of the software process.

Why it's time to review your Microsoft patch management options

Microsoft does not appear to be updating Windows Software Update Services, but newer patch management options might be a better choice.
