How to remove human error from the cyber risk equation
In attempting to fortify the enterprise’s cyber assets, we have turned much of our attention to human error. After all, the vast majority of hackers rely upon their …
Build or buy: What to consider when deploying on-premise or cloud-based PKI
Public Key Infrastructure (PKI), once considered an IT table stake, has transformed from a tool used to protect websites to a core digital identity management function within …
Winning the security fight: Tips for organizations and CISOs
For large organizations looking to build a robust cybersecurity strategy, failure to get the fundamentals in place practically guarantees a disaster. If you ask Matthew …
Unmask cybercriminals through identity attribution
Organized crime has grown more complex since the turn of the century. Coinciding with the rise of the digital world, cybercriminals have leveraged the proliferation of …
How to start achieving visibility in the cloud
As a security executive, you have a curious gig. On one hand, you’re responsible for securing your organization across multiple systems, networks, clouds, and geographies. On …
CISO do’s and don’ts: Lessons learned
Keeping a business safe from cyber threats while allowing it to thrive is every CISO’s goal. The task is not easy: a CISO has to keep many balls in the air while being …
Worried about cyber pirates hijacking autonomous ships? Focus on port cybersecurity first
On average, the U.S. Coast Guard issues between ten and twenty safety alerts annually. Alerts tend to function more as a public service announcement designed to raise …
Three essential elements of a successful Zero Trust cybersecurity program
Organizations have traditionally deployed cybersecurity approaches that adhered to the phrase made famous by President Ronald Reagan: “Trust, but verify.” This meant that most …
Red teaming: Why a forward offense is the best defense
Companies are under constant threat. Opportunistic attackers scan the internet for weak points, motivated attackers target specific organizations for susceptibility to a scam …
Optimizing the patch management process
In this podcast recorded at Black Hat USA 2019, Jimmy Graham, Senior Director of Product Management at Qualys, discusses the importance of a tailored patch management process. …
Pitfalls to avoid when improving your software development skills
The dizzying pace of technological change makes knowledge acquisition and skill development a very big deal in the IT and IT security industry. Luckily, the opportunities for …
Microsoft is right, mandatory password changes are obsolete
Microsoft has recently come out and said that mandatory password changing is ancient and obsolete. This goes directly against everything we were trained to think for the last …