The five step plan that cuts security budget waste
In this Help Net Security video, Viktor Bulanek, CTO of Penetrify, explains where security budget waste comes from. Budgets get built around vendor categories, compliance …
Reading between the lines of a cyber insurance policy
Enterprises in regulated industries often carry cyber insurance policies because contracts require it or boards ask for documented risk transfer. The global market for these …
Companies keep getting breached by vulnerabilities they already knew about
Scanning tools have gotten good at their work. Organizations now find more weaknesses across more of their systems than at any earlier point in the industry’s history. A …
Your vendor’s vendor might be the real breach risk
In this Help Net Security video, Chris Boehm, Field CTO, Zero Networks, breaks down how a vendor breach can become your breach. He explains that attackers now target the …
Orbia CISO Miranda Ritchie on building security into sustainable infrastructure
In this interview with Help Net Security, Miranda Ritchie, CISO at Orbia, talks about protecting industrial systems where software runs water, chemical and manufacturing …
Securing the inbox: Where identity, brand and security meet
Getting a verified logo to appear next to your email has traditionally meant having to work with two separate entities. You have to work with a DMARC partner for setting up …
Where IT meets OT and railway cybersecurity gets harder
In this interview with Help Net Security, Jorge Aldegunde, Global Head of Railway Services at DNV, talks through what happens when old operational technology meets newer IT in …
Who pays when you gate cyber-capable AI models?
In this interview with Help Net Security, Jaya Baloo, COO & CISO at Aisle, examines the debate over restricting access to cyber-capable AI models. She lays out the …
Onspring CISO on where automated GRC systems fall short
In this interview with Help Net Security, Nichole Windholz, CISO at Onspring, talks about the limits of automated GRC systems and continuous control monitoring. She explains …
How to use NIST and ISO frameworks to govern AI agents
Security leaders no longer need convincing that AI agents introduce risk. What’s missing is how to govern them once they move into production and begin operating autonomously …
Threat actors are recruiting the people who hold cloud logins
Companies keep most of their data and applications in cloud platforms that anyone can reach with the right login. That setup turns each employee holding those credentials into …
Cyber resilience metrics that drive action
In this Help Net Security video, Pete Bowers, COO at NormCyber, explains how organizations can build a cyber resilience metrics program that supports better decisions. He …
Featured news
Resources
Don't miss
- Prompt injection is becoming the XSS of the web agent era
- The script, not the voice, is what makes AI voice phishing work
- The five step plan that cuts security budget waste
- CISA folds its own hard-won lessons into coordinated vulnerability disclosure guidance
- Romania’s land registry hit by cyber attack, data allegedly for sale