Expert analysis
It’s time for security operations to ditch Excel
Security teams are hiding an embarrassing secret from the outside world: despite their position at the vanguard of technology, security risks and threats, their actual war …
A step-by-step plan for safe use of GenAI models for software development
If you are a large-scale company, the recent AI boom hasn’t escaped your notice. Today AI is assisting in a large array of development-related and digital-related tasks, from …
How to make sense of the new SEC cyber risk disclosure rules
SEC’s new cybersecurity risk management, strategy, governance, and incident disclosure rules, which require increased transparency around cybersecurity incidents, have been in …
Balancing “super app” ambitions with privacy
When Elon Musk’s ambitions to transform X into an “everything app” were divulged last year, he joined several companies known to be exploring or actively working on developing …
Gmail & Yahoo DMARC rollout: When cyber compliance gives a competitive edge
The essence of cybersecurity is not just about defense but enabling business through trust and reliability. As Gmail and Yahoo take steps to enforce stricter email …
AI outsourcing: A strategic guide to managing third-party risks
In an era of artificial intelligence (AI) revolutionizing business practices, many companies are turning to third-party AI services for a competitive edge. However, this …
We can’t risk losing staff to alert fatigue
The oft-quoted Chinese military strategist Sun Tzu famously claimed: “If you know the enemy and know yourself, you need not fear the result of a hundred battles.” Exchange …
February 2024 Patch Tuesday forecast: Zero days are back and a new server too
UPDATE: February 13, 14:55 ET – February 2024 Patch Tuesday is live. January 2024 Patch Tuesday is behind us. A relatively light release from Microsoft with 39 CVEs …
10 tips for creating your security hackathon playbook
For more than 12 years, I’ve been organizing and running hackathons with the goal of finding security vulnerabilities and fixing them before a product hits the market. These …
3 ways to achieve crypto agility in a post-quantum world
Working at the speed of digital business is a constant challenge. But in today’s increasingly automated operational environment, crypto agility—i.e., an organization’s ability …
Migrating to the cloud: An overview of process and strategy
Over the next few years, the number of organizations navigating to the cloud to advance their business goals is expected to grow exponentially. According to Gartner, more than …
Does CVSS 4.0 solve the exploitability problem?
The newest version of the vulnerability scoring system CVSS 4.0 is here! After a lengthy gap between version 3 (released in 2015), as of November 2023 version 4.0 is …