strategy

How CISOs can justify security investments in financial terms
In this Help Net Security interview, John Verry, Managing Director at CBIZ, discusses how insurers and financial risk professionals evaluate cybersecurity maturity through …

Employees are using AI where they know they shouldn’t
Despite widespread anticipation about AI’s positive impact on workforce productivity, most employees feel they were overpromised on its potential, according to GoTo. In fact, …

Hackers love events. Why aren’t more CISOs paying attention?
When CISOs think about risk, they usually think about cloud platforms, laptops, and data centers. But live events like conferences, trade shows, product launches, and …

CISOs brace for a surge in domain-based cyber threats
Cybersecurity threats are growing more complex, and domain-based attacks are at the center of this shift. CSC’s CISO Outlook 2025 report, based on a survey of 300 security …

Why banks’ tech-first approach leaves governance gaps
In this Help Net Security interview, Rich Friedberg, CISO at Live Oak Bank, discusses how banks can better align cybersecurity efforts with broader cyber governance and risk …

Why CISOs need to understand the AI tech stack
As AI spreads, so do the risks. Security leaders are being asked to protect systems they don’t fully understand yet, and that’s a problem. A new report from the Paladin Global …

19 ways to build zero trust: NIST offers practical implementation guide
The National Institute of Standards and Technology (NIST) has released a new guide that offers practical help for building zero trust architectures (ZTA). The guidance, titled …

Want fewer security fires to fight? Start with threat modeling
CISOs understand that threat modeling helps teams identify risks early and build safer systems. But outside the security org, the value isn’t always clear. When competing for …

CISOs call for operational threat intelligence integration
98% of CISOs face challenges when using threat intelligence, according to Trellix. The biggest problems are keeping up with changing threats, integration difficulties, and …

The path to better cybersecurity isn’t more data, it’s less noise
In cybersecurity, there’s an urge to collect as much data as possible. Logs, alerts, metrics, everything. But more data doesn’t necessarily translate to better …

How to build AI into your business without breaking compliance
AI is supposed to make businesses faster, smarter, and more competitive, but most projects fall short. The Cloud Security Alliance (CSA) says the real issue is companies …

The legal questions to ask when your systems go dark
At Span Cyber Security Arena, I sat down with Iva Mišković, Partner at the ISO-certified Mišković & Mišković law firm, to discuss the role of legal teams during cyber …
Featured news
Resources
Don't miss
- Trojanized SonicWall NetExtender app exfiltrates VPN credentials
- High-risk WinRAR RCE vulnerability patched, update quickly! (CVE-2025-6218)
- Why work-life balance in cybersecurity must start with executive support
- Reconmap: Open-source vulnerability assessment, pentesting management platform
- Microsoft will start removing legacy drivers from Windows Update