Please turn on your JavaScript for this page to function normally.
vulnerability
Low code, high stakes: Addressing SQL injection

Like a bad movie that seems to go on forever, SQL injection (SQLi) attacks have lingered since the late 1990s. Due to various factors, they remain the third most common source …

Jim Dolce
Security and privacy strategies for CISOs in a mobile-first world

In this Help Net Security interview, Jim Dolce, CEO at Lookout, discusses securing mobile devices to mitigate escalating cloud threats. He emphasizes that organizations must …

Securities and Exchange Commission
Six months of SEC’s cyber disclosure rules

In this Help Net Security video, Mark Millender, Senior Advisor of Global Executive Engagement at Tanium, discusses the overall sentiment from CISOs of large, public companies …

executive
Cloud migration expands the CISO role yet again

The CISO role used to be focused primarily on information security — creating and implementing policies to safeguard an organization’s data and IT infrastructure from …

strategy
Why CISOs need to build cyber fault tolerance into their business

CISOs who elevate response and recovery to equal status with prevention are generating more value than those who adhere to outdated zero tolerance for failure mindsets, …

NIST CSF 2.0
The evolution of security metrics for NIST CSF 2.0

CISOs have long been spreadsheet aficionados, soaking up metrics and using them as KPIs for security progress. These metrics have traditionally measured specific systems or …

database
Widespread data silos slow down security response times

Although the goals and challenges of IT and security professionals intersect, 72% report security data and IT data are siloed in their organization, which contributes to …

strategy
Human error still perceived as the Achilles’ heel of cybersecurity

While fears of cyber attacks continue to rise, CISOs demonstrate increasing confidence in their ability to defend against these threats, reflecting a significant shift in the …

security
CISOs pursuing AI readiness should start by updating the org’s email security policy

Over the past few years, traditional phishing messages — with their pervasive linguistic errors, thinly-veiled malicious payloads, and often outlandish pretexts — have been on …

CISSP exam experience
How a GRC consultant passed the CISSP exam in six weeks

Ask any IT security professional which certification they would consider to be the “gold standard” in terms of prestige, credibility, or difficulty, and almost invariably they …

strategy
AI’s rapid growth puts pressure on CISOs to adapt to new security risks

The increased use of AI further complicates CISO role as industries begin to realize the full potential of GenAI and its impact on cybersecurity, according to Trellix. …

strategy
Security tools fail to translate risks for executives

Organizations are struggling with internal communication barriers, which hinder their ability to address cybersecurity threats, according to Dynatrace. The results indicate …

Don't miss

Cybersecurity news