Log4Shell: A retrospective
Now that the dust has settled on both the holiday season and the Log4j vulnerability that saw many of us working through it (CVE-2021-44228), it makes sense to look back and …
Democratizing security with Open XDR
There is no denying the notion of strength in unity. Similarly, inclusiveness and the broad participation of many is another idea that is widely cherished. These are both …
Open banking innovation: A race between developers and cybercriminals
In this interview with Help Net Security, Karl Mattson, CISO at Noname Security, explains the wide usage of open banking and how it can easily be exploited if adequate …
Cloud security training is pivotal as demand for cloud services explode
Change is afoot. The private, public and third sector are transitioning from on-premises and datacenter-hosted infrastructure to hybrid architectures utilizing …
Why identity and access management strategies need a booster
In this interview with Help Net Security, Miles Hutchinson, CISO of Jumio, talks about the pain points of identity and access management and the importance of strenghtening …
Tips to mitigate public-key cryptography risk in a quantum computing world
Quantum computing is poised to transform the industry over the next decade. With its promise of breakthrough speed and power, it’s easy to understand why there is so much hype …
Low code applications are essential for cybersecurity development in applications
One of the biggest changes to the cybersecurity landscape is that developers are now often expected to implement security directly into the applications they’re building as …
Why security strategies need a new perspective
After a stream of ransomware campaigns, data leaks, and attacks on critical infrastructure, businesses understand their digitization strategy needs to be complemented by a …
Why cybersecurity and anti-fraud teams need to collaborate
Over the past couple of years, there has been unprecedented change in the world of financial services. The shift to online banking has accelerated the need for digital …
The four types of remote workers your security awareness program must address
No matter how much technology you acquire or how many specific technical controls you install, when it comes to your information security awareness program, the most important …
Contextualizing supply chain risks in a SaaS environment
In the wake of the SolarWinds and Kaseya attacks, third-party cybersecurity risks remain top of mind for security leaders. Nonetheless, CISOs continue to experience …
Building confidence in your system’s security with chaos engineering
In this interview with Help Net Security, Aaron Rinehart, CTO at Verica, explains the discipline of chaos engineering and how it can help organizations build more resilient …