Adhering to the mobility requirements of NIST 800-171 does not have to keep you awake at night
The majority of companies in the United States and Europe are required to comply with at least one IT security regulation – often times more. This forces companies to exert …
Perimeter solutions: Do layers of security make a difference?
As an enterprise, it is always important to constantly reevaluate information security solutions. When doing so, take a good look at the perimeter solutions in place and their …
WHOIS after GDPR: A quick recap for CISOs
2018 was a big year for data protection with the implementation of the General Data Protection Regulation (GDPR) last May — forcing CISOs and other professionals to rethink …
The security challenges that come with serverless computing
Serverless computing (aka Function-as-a-Service) has been a boon to many enterprises: it simplifies the code development and deployment processes while improving utilization …
To DevSecOps or not to DevSecOps?
Would your organization benefit from introducing DevSecOps? Dan Cornell, CTO of application security company Denim Group, believes that most organizations would. With one …
The CIO’s greatest roadblock to Agile development: Security governance
Today, the greatest roadblock CIOs face when adopting Agile development is not ‘security in general,’ but ‘security governance.’ We can define ‘security governance’ as the …
How to Marie Kondo your data
By now you’ve heard about Marie Kondo, the author of New York Times bestseller, The Life Changing Magic of Tidying Up, and star of Tidying Up, the new Netflix show that puts …
Lessons learned from the many crypto hacks
The one poignant lesson that crypto investors globally have learned over the years is that despite the immutable, impenetrable nature of the technology behind cryptocurrencies …
Build-time security: Block risk and security issues from production rings
Build-time security has become a standard part of any security program and continues to grow in popularity with the shift left movement. In its most popular form, it’s a …
Weighing the options: The role of cyber insurance in ransomware attacks
The Norsk Hydro cyberattack is a real-time case study of what an international company goes through when a ransomware attack is successful. Over the last week, we’ve witnessed …
How to build an effective vulnerability management program
The concept of vulnerability management has undergone a number of changes in the last few years. It is no longer simply a synonym for vulnerability assessment, but has grown …
Guilty by association: The reality of online retail third-party data leaks
Online retail activity continues to accelerate at a rampant pace and shows no signs of slowing down. According to the National Retail Federation (NRF), U.S. retail sales are …
Featured news
Resources
Don't miss
- Threat actors are scanning your environment, even if you’re not
- GoSearch: Open-source OSINT tool for uncovering digital footprints
- Rack Ruby vulnerability could reveal secrets to attackers (CVE-2025-27610)
- Top must-visit companies at RSAC 2025
- Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028)