
Preventing insider threats, data loss and damage through zero trust
With the proliferation of mobile devices and BYOD, ubiquitous and always available internet connectivity and the widespread use of private, public and hybrid cloud solutions, …

Create secure IoT products: Enable security by design
Good practices for IoT security, with a particular focus on software development guidelines for secure IoT products and services throughout their lifetime have been introduced …

Want to build a successful SOC? Here’s what you need to know
There is no arguing the fact that networks are continually growing in complexity and the cyberattack surface is constantly expanding. A critical step in building a stronger …

Lateral phishing makes for dangerous waters, here’s how you can avoid getting caught in the net
As companies and consumers have become more aware of phishing, hackers have refined their techniques and are now launching a more advanced form of attack known as lateral …

The password reuse problem is a ticking time bomb
Despite Bill Gates predicting the demise of passwords back in 2004, they are still very much in use. Passwords, like email, seem future proof; but they are also the source of …

When is the right time to red team?
“It takes a thief to catch a thief.” Despite being hundreds of years old, this idiom holds perfectly true for that most modern of thieves, the cybercriminal. With …

What financial records do companies need to keep, and for how long?
Companies generate stacks of documents and managing them correctly is crucial. It can be complicated to balance organizational requirements, employee interests, and legal …

Phishing attacks are a complex problem that requires layered solutions
Most cyberattacks start with a social engineering attempt and, most often than not, it takes the form of a phishing email. It’s easy to understand the popularity of this …

How to remove human error from the cyber risk equation
In attempting to fortify the enterprise’s cyber assets, we have turned much of our attention to human error. After all, the vast majority of hackers rely upon their …

Chance that flaws will ever be dealt with diminishes the longer they stick around
More than half of all security findings (56%) are fixed, but a focus on fixing new findings while neglecting aging flaws leads to increasing security debt, according to …

Analysis reveals the most common causes behind mis-issued SSL/TLS certificates
We should be able to trust public key certificates, but this is the real world: mistakes and “mistakes” happen. Researchers from Indiana University Bloomington …

Build or buy: What to consider when deploying on-premise or cloud-based PKI
Public Key Infrastructure (PKI), once considered an IT table stake, has transformed from a tool used to protect websites to a core digital identity management function within …
Featured news
Resources
Don't miss
- Millions of Dell laptops could be persistently backdoored in ReVault attacks
- Project Ire: Microsoft’s autonomous malware detection AI agent
- Security tooling pitfalls for small teams: Cost, complexity, and low ROI
- BloodHound 8.0 debuts with major upgrades in attack path management
- Back to basics webinar: The ecosystem of CIS Security best practices