strategy
Making informed decisions: The importance of data driven security
When deciding what product to buy, the information the vendor offers about the product is helpful, but not nearly enough: you need to analyze individual product results and …
The importance of career pathing in the cybersecurity industry
A major issue facing our industry right now is a significant shortage of talented, skilled cybersecurity professionals. Whether that’s due to lack of interest or a fundamental …
Endpoint breach prevention by reducing attack surfaces
In this podcast recorded at Black Hat USA 2018, Chris Carlson, VP of Product Management, Cloud Agent Platform at Qualys, talks about endpoint breach prevention by reducing …
Chaos and confusion reign with existing firewall infrastructure
Many organizations are still struggling to master basic firewall hygiene, promising increased complexity and risk associated with network security policy management for those …
Three A’s of SaaS adoption, and why every company goes through them
I’ve noticed that as more and more companies turn to SaaS applications to power their business, they all experience the same journey along the way, more or less. Everyone goes …
Security’s bane: The false positive
Nothing makes security look worse than the false negative – when we miss an attack and damage is suffered. As security professionals, it’s something we all obsess a lot …
Enterprises as modern software factories: Infusing security throughout the app dev process
The DevOps methodology is ready to take the next step in its evolution. The first instance incorporated an operational approach to application development to create in-house, …
The future of OT security in critical infrastructure
Both the likelihood and consequences of cyberattacks to OT/ICS components continue to grow for modern industrial operations. While current advances in OT/ICS cyber security …
There’s a global divide in how organizations assess cyber risk
Nearly 48 percent of organizations globally have embraced strategic vulnerability assessment – defined as mature or moderately mature programs that include targeted and …
Intensifying DDoS attacks: Choosing your defensive strategy
One of the biggest misconception regarding DDoS attacks is that they are a once-in-a-lifetime event for organizations, says Josh Shaul, VP of Web Security at Akamai. …
Rise in email impersonation attacks makes companies re-assess their security efforts
Most companies believe they’ve experienced serious data breaches driven by email impersonation in the past 12 months – but are not doing nearly enough to prevent future …
Industrial cybersecurity: Protecting OT from IT
A powerful technique for protecting OT from IT, or to enforce whatever separation is required to ensure the integrity of industrial control infrastructure, involves …