Expert analysis
Using just-in-time access to reduce cloud security risk
Excessive privileges are a continuing headache for security professionals. As more organizations migrate assets to the cloud, users with excessive permissions can expand the …
The double-edged sword of generative AI
Generative AI has captured the imagination of millions worldwide, largely driven by the recent success of ChatGPT, the text-generation chatbot. Our new research showed that …
Generative AI and security: Balancing performance and risk
Are we moving too fast with AI? This is a central question both inside and outside the tech industry, given the recent tsunami of attention paid to ChatGPT and other …
Are you ready for PCI DSS 4.0?
In just under a year’s time, organizations will have had to comply with several new requirements under version 4.0 of the Payment Card Industry Data Security Standard (PCI …
The silent killers in digital healthcare
As digital transformation revolutionizes the healthcare industry, its use of API (application programming interfaces) technology is skyrocketing. APIs, which help users and …
A third-party’s perspective on third-party InfoSec risk management
More than ever, organizations are relying on third parties to streamline operations, scale their business, expand and leverage expertise, and reduce costs. In the complex and …
The staying power of shadow IT, and how to combat risks related to it
There was a time, not too long ago, when most IT leaders believed shadow IT was a negligible element in their companies. They felt their IT organizations were so in control of …
The biggest data security blind spot: Authorization
Too many people have access to company data they don’t need. Also, too many companies focus on authentication (verifying identity) as a security measure and overlook the …
Security beyond software: The open source hardware security evolution
Mention IT security, and most people immediately think of software-based protections against software-based threats: ransomware, viruses, and other forms of malware. But …
Wargaming an effective data breach playbook
A well-tuned data breach playbook can provide security teams with a clear roadmap for working through the breach response process. Foreseeing every possible twist and turn of …
The new weakest link in the cybersecurity chain
It used to be that people were the greatest cybersecurity vulnerability, but this is no longer true. The rise of the internet made people more connected than ever. Attackers …
5 steps to building NSA-level access control for your app
Access control has become a main concern when it comes to developing secure web applications, and the NSA has a lot to say about it. Especially when it comes to the biggest …
Featured news
Sponsored
Don't miss
- Ivanti patches critical Avalanche flaw exploitable via a simple message (CVE-2024-29204)
- Cheap ransomware for sale on dark web marketplaces is changing the way hackers operate
- Who owns customer identity?
- Enterprises face significant losses from mobile fraud
- Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation