CISOs: Make 2020 the year you focus on third-party cyber risk
While cybersecurity professionals are certainly aware of the growing threat posed by sharing data with third parties, many seem to lack the urgency required to address this …
Cybercriminals using fake job listings to steal money, info from applicants
Be extra careful when looking for a job online, the Internet Crime Complaint Center (IC3) warns: cybercriminals are using fake job listings to trick applicants into sharing …
There is no easy fix to AI privacy problems
Artificial intelligence – more specifically, the machine learning (ML) subset of AI – has a number of privacy problems. Not only does ML require vast amounts of data for …
Techniques and strategies to overcome Kubernetes security challenges
Five security best practices for DevOps and development professionals managing Kubernetes deployments have been introduced by Portshift. Integrating these security measures …
Embedding security, the right way
As organizations proceed to move their processes from the physical world into the digital, their risk profile changes, too – and this is not a time to take risks. By not …
Security pitfalls to avoid when programming using an API
OWASP’s API Security Project has released the first edition of its top 10 list of API security risks. The most common and perilous API security risks API abuse is an …
A 101 guide to mobile device management
Extending beyond the traditional company network, mobile connectivity has become an extension of doing business and IT staff need to not just rethink how existing activities, …
Why outsourcing your DPO role is an effective insurance policy
Organizations are starting to take a much more considered approach to data protection as high-profile regulatory action for data mishandlings has raised both the stakes and …
ATT&CK for ICS: Knowledge base of techniques used by cyber adversaries
MITRE released an ATT&CK knowledge base of the tactics and techniques that cyber adversaries use when attacking ICS that operate some of the nation’s most critical …
Burner phones are an eavesdropping risk for international travelers
In recent years, burner phones have become an obligatory part of the international business traveler’s toolkit. But though these devices are designed to minimize the amount of …
Data ownership vs. data processing: A moral dilemma?
Work around data seems to never end. Between collection, sharing and use – the burden of this falls onto the shoulders of the CISO, the broadness of which, seems to be …
Modern security product certification best practices
IT security product manufacturers are required to achieve government mandated, standards-based certifications to get their product in market. One of the most common, aptly …
Featured news
Resources
Don't miss
- Data-stealing VS Code extensions removed from official Marketplace
- Flawed WordPress theme may allow admin account takeover on 22,000+ sites (CVE-2025-4322)
- What good threat intelligence looks like in practice
- AutoPatchBench: Meta’s new way to test AI bug fixing tools
- Third-party cyber risks and what you can do