Expert analysis

We must adjust expectations for the CISO role
Cybersecurity has become one of the most high-stakes facets of business operations in the past few years. The chief information security officer (CISO) role, once a …

Preventing data leakage in low-node/no-code environments
Low-code/no-code (LCNC) platforms enable application development by citizen developers, often generating “shadow engineering” projects that evade security oversight. While …

December 2024 Patch Tuesday forecast: The secure future initiative impact
December 2024 Patch Tuesday is now live: Microsoft fixes exploited zero-day (CVE-2024-49138) It seems like 2024 just started, but the final Patch Tuesday of the year is almost …

Preparing for Q-day: The essential role of cloud migration in securing enterprise data
As the era of quantum computing draws closer, businesses face a new and unprecedented threat to data security: “Q-day.” This looming turning point—when quantum …

5 reasons to double down on network security
Cybersecurity programs have evolved significantly over the past few decades. The advent of cloud computing shattered the conventional corporate perimeter, forcing …

How to recognize employment fraud before it becomes a security issue
The combination of remote work, the latest technologies, and never physically meeting your employees has made it very easy for job applicants to mask their true identities …

AI Kuru, cybersecurity and quantum computing
As we continue to delegate more infrastructure operations to artificial intelligence (AI), quantum computers are advancing towards Q-day (i.e., the day when quantum computers …

Five backup lessons learned from the UnitedHealth ransomware attack
The ransomware attack on UnitedHealth earlier this year is quickly becoming the healthcare industry’s version of Colonial Pipeline, prompting congressional testimony, lawmaker …

Dev + Sec: A collaborative approach to cybersecurity
The age-old tension between development and security teams has long been a source of friction in organizations. Developers prioritize speed and efficiency, aiming to deliver …

Navigating the compliance labyrinth: A CSO’s guide to scaling security
Imagine navigating a labyrinth where the walls constantly shift, and the path ahead is obscured by fog. If this brings up a visceral image, you’ve either seen David Bowie’s …

The changing face of identity security
It’s easy to see why identity security is often synonymous with user security. Social engineering tactics are the mainstay of the threat actor’s arsenal, and it’s rare to find …

November 2024 Patch Tuesday forecast: New servers arrive early
November 2024 Patch Tuesday is now live: Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039) Microsoft followed their October precedent set with …
Featured news
Resources
Don't miss
- Threat actors are using legitimate Microsoft feature to compromise M365 accounts
- North Korean hackers spotted using ClickFix tactic to deliver malware
- Sandworm APT’s initial access subgroup hits organizations accross the globe
- PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108)
- The UK’s secret iCloud backdoor request: A dangerous step toward Orwellian mass surveillance