Why cyber security can’t just say “no“
There was a time, not long ago, when there were only so many ways of accomplishing an information technology task. Whether you were building a website, setting up a new …
cyber risk
The SaaS-to-SaaS supply chain is a wild, wild mess
Cloud migration and IT democratization have created a continuously growing network of interconnected business applications, integrated to digitize and automate business …
Why are DDoS attacks so easy to launch and so hard to defend against?
DDoS attacks are an underappreciated residual risk for most organizations today. While most people are concerned about ransomware, it typically takes a ransomware attacks …
Ransomware works fast, you need to be faster to counter it
Since the pandemic hit and organizations had to quickly adjust to widespread remote work and stand up hybrid environments, ransomware gangs have been having a field day. In …
Password reuse is rampant among Fortune 1000 employees
SpyCloud published an annual analysis of identity exposure among employees of Fortune 1000 companies in key sectors such as technology, finance, retail and telecommunications. …
How to set up a powerful insider threat program
Security spend continues to focus on external threats despite threats often coming from within the organization. A recent Imperva report (by Forrester Research) found only 18 …
Data centers on steel wheels: Can we trust the safety of the railway infrastructure?
In this interview for Help Net Security, Dimitri van Zantvliet Rozemeijer, CISO at Nederlandse Spoorwegen (Dutch Railways), talks about railway cybersecurity and the …
NIST updates guidance for cybersecurity supply chain risk management
The National Institute of Standards and Technology (NIST) has updated its guidance document for helping organizations identify, assess and respond to cybersecurity risks …
Nothing personal: Training employees to identify a spear phishing attack
Phishing attacks began years ago as simple spam, designed to trick recipients into visiting sites and becoming customers. In the meantime, they have morphed into a worldwide …
Tackling the threats posed by shadow IT
While remote technologies have allowed businesses to shift their workforces online, this flexibility has created a swathe of challenges for IT teams who must provide a robust …
How to avoid security blind spots when logging and monitoring
Cybersecurity involves a balancing act between risk aversion and risk tolerance. Going too far to either extreme may increase cost and complexity, or worse: cause the …
308,000 exposed databases discovered, proper management is key
Group-IB carried out a deep dive into exposed digital assets discovered in 2021. During the research, the attack surface management team analyzed instances hosting …