Expert analysis

The importance of access controls in incident response
The worst time to find out your company doesn’t have adequate access controls is when everything is on fire. The worst thing that can happen during an incident is that your …

Is an open-source AI vulnerability next?
AI has captured widespread interest and offers numerous benefits. However, its rapid advancement and widespread adoption raise concerns, especially for those of us in …

How a GRC consultant passed the CISSP exam in six weeks
Ask any IT security professional which certification they would consider to be the “gold standard” in terms of prestige, credibility, or difficulty, and almost invariably they …

Red teaming: The key ingredient for responsible AI
Developing responsible AI isn’t a straightforward proposition. On one side, organizations are striving to stay at the forefront of technological advancement. On the other …

May 2024 Patch Tuesday forecast: A reminder of recent threats and impact
The updates have been released: May 2024 Patch Tuesday: Microsoft fixes exploited zero-days (CVE-2024-30051, CVE-2024-30040) The thunderstorms of April patches have passed, …

How secure is the “Password Protection” on your files and drives?
People in certain professions, such as healthcare, law, and corporations, often rely on password protection when sending files via email, believing it provides adequate …

Regulators are coming for IoT device security
Cybersecurity is a relatively new challenge for many IoT device makers who have traditionally produced non-connected devices. These devices were less vulnerable to …

6 tips to implement security gamification effectively
There’s not a CISO in the industry who’s not aware of the extremely short median CISO tenure. That’s why the best CISOs are those who constantly seek ways to strengthen their …

What is cybersecurity mesh architecture (CSMA)?
Cybersecurity mesh architecture (CSMA) is a set of organizing principles used to create an effective security framework. Using a CSMA approach means designing a security …

Securing your organization’s supply chain: Reducing the risks of third parties
When Stephen Hawking said that “we are all now connected by the internet, like neurons in a giant brain”, very few people understood the gravity of his statement. But ten …

Why cloud vulnerabilities need CVEs
When considering vulnerability management’s purpose in a modern world, it’s imperative to recognize the huge transition to new technologies and how you manage risk …

Applying DevSecOps principles to machine learning workloads
Protecting data and other enterprise assets is an increasingly challenging task, and one that touches nearly every corner of an organization. As the complexity of digital …
Featured news
Resources
Don't miss
- The risks of autonomous AI in machine-to-machine interactions
- Balancing cloud security with performance and availability
- The XCSSET info-stealing malware is back, targeting macOS users and devs
- A PostgreSQL zero-day was also exploited in US Treasury hack (CVE-2025-1094)
- Two Estonians plead guilty in $577M cryptocurrency Ponzi scheme