Expert analysis
Don’t accept risk with a pocket veto
We who live risk management know there are four responses when confronted with a credible risk to our organizations. We can treat the risk to reduce it. We can avoid the risk …
Conficker: A 10-year retrospective on a legendary worm
This November marked the 10-year anniversary of Conficker, a fast-spreading worm targeting Microsoft systems that went on to claim one of the highest levels of infection in …
The holiday season and cybercrime: 8 ways to protect yourself
The holiday season has become an unbridled online spending extravaganza, and threat actors have taken notice. For shoppers, what starts out as an attempt to fulfill their …
Privacy laws do not understand human error
In a world of increasingly punitive regulations like GDPR, the combination of unstructured data and human error represents one of the greatest risks an organization faces. …
What mid-market security budgets will look like in 2019
As 2018 draws to a close, IT and security pros around the country will greet the arrival of budget season with a collective sigh. Negotiating for IT budgets at small or …
Implications of the NIS Directive for the industrial sector
On July 6, 2018 the NIS (Network and Information System) Directive was enacted as the first EU-wide legislation that provides measures to boost security across the region. …
Round two: Microsoft prepares to release Windows 10 October 2018 Update… again!
Thanksgiving comes early this year, but the Microsoft Windows 10 October 2018 Update is coming late. Should we be thankful? Let’s revisit the short history of this release, …
Five key considerations when developing a Security Operations Center
Ensuring access to a reliable feed of threat intelligence through a security operations center (SOC) is an essential element of many organization’s security strategy today. …
DevOps and security: How to make disjointed security and DevOps teams work effectively
As organizations build their “software factories”, leveraging the latest DevOps organizational models and CD/CI techniques to get applications out quickly, they still find …
Countering threats: Steps to take when developing APIs
High profile data breaches resulting from faulty APIs continue to make headlines. In the last few months alone, T-Mobile’s data breach resulted in hackers stealing personal …
Ensuring election integrity: The overlooked last mile of securing voter data
With 99 percent of America’s votes counted by computers, security experts agree that our elections remain extremely vulnerable for a cyberattack. Fourteen states are …
The building blocks of blockchain-based digital identity
In earlier articles, I discussed what a shared digital identity can do as well as which organizations are the right starting point to adopt a solution for digital identity …
Featured news
Resources
Don't miss
- What GPT‑5 means for IT teams, devs, and the future of AI at work
- Microsoft urges admins to plug severe Exchange security hole (CVE-2025-53786)
- SonicWall: Attackers did not exploit zero-day vulnerability to compromise Gen 7 firewalls
- Photos: Black Hat USA 2025
- Beyond PQC: Building adaptive security programs for the unknown