Identifying evasive threats hiding inside the network
There is no greater security risk to an organization than a threat actor that knows how to operate under the radar. Malicious insiders and external cybercriminals are getting …
Three essential elements of a successful Zero Trust cybersecurity program
Organizations have traditionally deployed cybersecurity approaches that adhered to the phrase made famous by President Ronald Reagan: “Trust, but verify.” This meant that most …
With shadow IT running rampant, how can IT keep pace?
Data privacy is high on the minds of businesses and consumers alike, as society at large is getting wise to the potential dangers that even seemingly innocuous apps (ie. …
Automating CCPA compliance: Organize your data and manage requests
Time is running out for California-based businesses to prepare for the California Consumer Privacy Act (CCPA), which goes into effect on January 1, 2020. Despite the Act being …
A point-in-time approach to risk management is no longer effective
Among organizations that engage third parties to provide business services, 83% identified third-party risks after conducting due diligence and before recertification, …
Red teaming: Why a forward offense is the best defense
Companies are under constant threat. Opportunistic attackers scan the internet for weak points, motivated attackers target specific organizations for susceptibility to a scam …
Closing the cyber skills gap: What to do next
On a global scale, cybersecurity is suffering from a severe shortage of experts. What is to be done? Organizations, government, academia and professional associations need to …
Threat actors are adapting and switching their operations strategically and technically
Cybercrime campaigns and high-profile advanced persistent threat groups are shifting how they target victims and focusing more on intricate relationships with “secure …
Extending security to fourth parties your business needs, but doesn’t control
While there is much discussion about the data security and privacy risks created by third parties, another source of risk can be significant but overlooked: that from fourth …
AI vs. AI: Cybersecurity battle royale
David and Goliath. The Invasion of Normandy. No matter the generation, we all know some of the storied battles that have withstood the test of time. In cyberspace, however, …
The changing face of DDoS attacks: Degraded performance instead of total takedown
The number of DDoS attacks might be getting higher, but they are not all massive nor do they always trigger DDoS defenses. In fact, small-scale DDoS attacks are becoming more …
Optimizing the patch management process
In this podcast recorded at Black Hat USA 2019, Jimmy Graham, Senior Director of Product Management at Qualys, discusses the importance of a tailored patch management process. …