Expert analysis
Speeding MTTR when a third-party cloud service is attacked
We all know you can’t stop every malicious attack. Even more troublesome is when an externally sourced element in the cloud – engaged as part of your infrastructure …
November 2019 Patch Tuesday forecast: Out with the old, in with the new
There are only two more Patch Tuesday’s before the new year, but we already have something new to experience this November. Windows 10 version 1909, named the November 2019 …
What financial records do companies need to keep, and for how long?
Companies generate stacks of documents and managing them correctly is crucial. It can be complicated to balance organizational requirements, employee interests, and legal …
5 factors to consider when choosing an encryption key management system
Data breaches are at an all-time high with 2019 looking to one of the worst on record for data loses. Within the data security battle, encryption is considered to be the gold …
The promise and peril of post quantum computing
In this Help Net Security podcast, Avesta Hojjati, Head of R&D at DigiCert, talks about the security implications of post quantum computing. Here’s a transcript of the …
Defining risk controls that actually work
Previously, we looked at practical ideas for conducting the complex information security risk assessments that all enterprises should regularly perform. The right methodology …
A continuous problem: Tackling the cybersecurity skills shortage
We have read the over abundance of apocalyptic articles covering the growing talent shortage in cybersecurity. But buried under the hyperbolic numbers, there is a larger and …
Keeping up with the evolving ransomware security landscape
Cybercrime is ever-evolving, and is consistently becoming more effective and damaging. While the range of attack vectors available to malicious actors are vast, ransomware …
Want to overcome patching challenges once and for all? Automation is the key
The cybersecurity threatscape in the UK is extremely complex and sophisticated. It is no longer a question of whether a cyberattack will occur, but when; according to a recent …
Is the enterprise on the brink of a global web supply chain attack?
Ever since the Web development ecosystem evolved to the current paradigm of code reuse, companies have placed themselves too close to the abyss. Web supply chain attacks are a …
DevOps firewall: How pre-configuring your cloud deployment can ensure compliance
Following the recent massive Capital One data breach, it’s clear that even some of the world’s largest and most respected companies working in the cloud are still vulnerable …
How to remove human error from the cyber risk equation
In attempting to fortify the enterprise’s cyber assets, we have turned much of our attention to human error. After all, the vast majority of hackers rely upon their …
Featured news
Resources
Don't miss
- Security tooling pitfalls for small teams: Cost, complexity, and low ROI
- BloodHound 8.0 debuts with major upgrades in attack path management
- Back to basics webinar: The ecosystem of CIS Security best practices
- SonicWall firewalls targeted in ransomware attacks, possibly via zero-day
- AIBOMs are the new SBOMs: The missing link in AI risk management