5 critical questions to test your ransomware preparedness
I’m a pentester – that is, a professional penetration tester. Some call me an ethical hacker, a white hat, or red teamer. In the heat of the moment, I’ve been called much …
Expert analysis
Why cyber security can’t just say “no“
There was a time, not long ago, when there were only so many ways of accomplishing an information technology task. Whether you were building a website, setting up a new …
Recovering from a cybersecurity earthquake: The lessons organizations must learn
It’s been over a year since the SolarWinds supply chain hack sent shockwaves through thousands of organizations worldwide, but this cybersecurity earthquake is by no means …
The SaaS-to-SaaS supply chain is a wild, wild mess
Cloud migration and IT democratization have created a continuously growing network of interconnected business applications, integrated to digitize and automate business …
How to avoid headaches when publishing a CVE
You have discovered a vulnerability. Congratulations! So, what happens next? Finding a CVE (Common Vulnerabilities and Exposures) is the first step in a process which starts …
An offensive mindset is crucial for effective cyber defense
As ransomware attacks continue to increase and cybercriminals are becoming more sophisticated, the federal government has implemented a more proactive approach when it comes …
How to set up a powerful insider threat program
Security spend continues to focus on external threats despite threats often coming from within the organization. A recent Imperva report (by Forrester Research) found only 18 …
The role of streaming machine learning in encrypted traffic analysis
Organizations now create and move more data than at any time ever before in human history. Network traffic continues to increase, and global internet bandwidth grew by 29% in …
May 2022 Patch Tuesday forecast: Look beyond just application and OS updates
April Patch Tuesday provided an extensive set of operating system and application updates after a few quiet months. Microsoft addressed 97 vulnerabilities in Windows 10, and …
Nothing personal: Training employees to identify a spear phishing attack
Phishing attacks began years ago as simple spam, designed to trick recipients into visiting sites and becoming customers. In the meantime, they have morphed into a worldwide …
Tackling the threats posed by shadow IT
While remote technologies have allowed businesses to shift their workforces online, this flexibility has created a swathe of challenges for IT teams who must provide a robust …
7 threat detection challenges CISOs face and what they can do about it
Security operations (SecOps) teams continue to be under a constant deluge of new attacks and malware variants. In fact, according to recent research, there were over 170 …