Expert analysis
Cybersecurity needs a leader, so let’s stop debating and start deciding
Have you ever heard anyone earnestly ask in a business, “Who owns legal?” or “Who sets the financial strategy?” Probably not – it should be obvious, right? Yet, when it comes …
6 considerations for 2025 cybersecurity investment decisions
Cybersecurity professionals may be concerned about the constantly shifting threat landscape. From the increased use of artificial intelligence (AI) by malicious actors to the …
The UK’s secret iCloud backdoor request: A dangerous step toward Orwellian mass surveillance
The United Kingdom government has secretly requested that Apple build a backdoor into its iCloud service, granting the government unrestricted access to users’ private data. …
It’s time to secure the extended digital supply chain
Organizations’ increasing reliance on third-party software and services has created an environment with more vulnerabilities and harder-to-detect risks. Attackers know they …
February 2025 Patch Tuesday forecast: New directions for AI development
February 2025 Patch Tuesday is now live: Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391) The new year has started with a whirlwind of …
Security validation: The new standard for cyber resilience
Security validation has officially turned a corner. Once considered a “nice-to-have” it’s now a top priority for security leaders worldwide. This shift has been accelerated by …
Self-sovereign identity could transform fraud prevention, but…
The way we manage digital identity is fundamentally broken. The root of the problem lies in traditional, centralized identity models, where a single organization holds and …
Aim for crypto-agility, prepare for the long haul
While organizations have long experimented with various facets of digital transformation, the journey toward crypto-agility is one of the most significant technological …
AI security posture management will be needed before agentic AI takes hold
As I’m currently knee deep in testing agentic AI in all its forms, as well as new iterations of current generative AI models such as OpenAI’s O1, the complexities of securing …
Scam Yourself attacks: How social engineering is evolving
We’ve entered a new era where verification must come before trust, and for good reason. Cyber threats are evolving rapidly, and one of the trends getting a fresh reboot in …
Decentralization is happening everywhere, so why are crypto wallets “walled gardens”?
The twin cryptocurrency and digital identity revolutions are supposed to be building a better future, where anybody can take charge of their sovereignty and security in a …
A humble proposal: The InfoSec CIA triad should be expanded
The inconsistent and incomplete definitions of essential properties in information security create confusion within the InfoSec community, gaps in security controls, and may …
Featured news
Resources
Don't miss
- The messy data trails of telehealth are becoming a security nightmare
- What Cloudflare’s 2025 internet review says about attacks, outages, and traffic shifts
- Update your Apple devices to fix actively exploited vulnerabilities! (CVE-2025-14174, CVE-2025-43529)
- Kali Linux 2025.4: New tools and “quality-of-life” improvements
- How researchers are teaching AI agents to ask for permission the right way