
Mapping ATT&CK techniques to CVEs should make risk assessment easier
Vulnerability reporters should start using MITRE ATT&CK technique references to describe what the attacker is trying to achieve by exploiting a given CVE-numbered …

Advice from a young, female CISO: Key lessons learned
Ellen Benaim, the newest CISO at Copenhagen-based SaaS provider Templafy, started her career at the company in June 2018 as technical support, but from the moment she sat down …

How do I select an SD-WAN solution for my business?
In a time when businesses are becoming hybrid and remote, companies have been turning more and more to the adoption of SD-WAN solutions, particularly paying attention to their …

Is offensive testing the way for enterprises to finally be ahead of adversaries?
The one principle the cyber-security industry is founded on is that defenders are always a step behind the hackers. Solutions are developed (FW, AV and onwards), technologies …

SolarWinds hackers are going after cloud, managed and IT service providers
Nobelium, the advanced, persistent threat (APT) actor behind the 2020 SolarWinds supply chain attack that served as a springboard for breaching a variety of high-level …

Smartphone counterespionage for travelers
If you’re traveling abroad on business, there’s a good chance you’ll need to bring along a smartphone to get around, meet up with associates or learn about the idiosyncrasies …

Secure your databases against opportunistic attackers
If you connect databases / servers to the internet and secure them poorly, you can count on them getting compromised quickly. According to findings by Radoslaw Zdonczyk, …

The importance of crisis management in the age of ransomware
Cybersecurity crises are becoming commonplace. With the massive surge in ransomware attacks in the last few years, businesses can’t afford to ignore the increasing …

October 2021 Patch Tuesday forecast: Halloween came early this year
Halloween is not until the end of the month, but there has already been a lot of scary activity leading up to this Patch Tuesday. PrintNightmare and Apple zero-days are just a …

Which technologies can help legal and compliance teams navigate a changing landscape of risk?
In this interview with Help Net Security, Zack Hutto, Director of Advisory Services at Gartner’s Legal and Compliance Practice, talks about the challenges legal and …

Five proven techniques for building effective fraud management
Effective management of fraud has long been a vital capability within organizations, and for good reasons. According to the Association of Certified Fraud Examiners’ …

How CISOs plan to accelerate the adoption of automation
ThreatQuotient released the State of Cyber Security Automation Adoption in 2021, new research focused on understanding the importance, challenges and trends facing businesses …