Expert analysis
Ransomware attribution: Missing the true perpetrator?
Headlines following recent ransomware attacks paint a landscape that acknowledges the true impact of such threats. Historical focus solely on attribution has made way for …
Why is patch management so difficult to master?
This question has plagued IT and security departments for years. Each month these teams struggle to keep up with the number of patches issued by the myriad of vendors in their …
Four proactive steps to make identity governance a business priority
Securing digital identities is crucial to business success today, but far too often, it’s an afterthought. As such, identity governance shouldn’t be celebrated as a singular …
Label standard and best practices for Kubernetes security
This article talks about label standard and best practices for Kubernetes security, a common area where I see organizations struggle to define the set of labels required to …
Happy birthday GDPR: IoT impact and practical tips for compliance
With the GDPR now in its third year, compliance with the EU data privacy regulation is still a significant issue for organizations to tackle, especially especially when it …
A leadership guide for mitigating security risks with low code platforms
The low code market continues to grow, increasingly finding adoption for more diverse and serious applications among enterprises and independent software vendors (ISVs). The …
Security must become frictionless for companies to fully secure themselves
Ensuring adequate security in the face of a rapid increase in the quantity and sophistication of cyberattacks requires more effort and resources than most organizations are …
Thoughts on Biden’s cybersecurity Executive Order
Colonial Pipeline is a major American oil pipeline system that originates in Houston TX and supplies gasoline and jet-fuel to a significant portion of the US, specifically the …
Can zero trust kill our need to talk about locations?
As security professionals, we have acknowledged for over a decade that our data resides outside our network. Yet, we still talk about strategies for protecting the enterprise …
How data manipulation could be used to trick fraud detection algorithms on e-commerce sites
As the marketing of almost every advanced cybersecurity product will tell you, artificial intelligence is already being used in many products and services that secure …
Returning to the office? Time to reassess privileged access permissions
As more of the population becomes vaccinated against COVID-19, organizations are preparing to return to the office. In the emerging hybrid environment, where employees can …
How to implement cybersecurity for modern application connectivity
The president’s recent executive order on improving the nation’s cybersecurity highlights the security threats facing our country — and it couldn’t be more timely. Ransomware …
Featured news
Resources
Don't miss
- Fake macOS help sites push Shamos infostealer via ClickFix technique
- Why a new AI tool could change how we test insider threat defenses
- Why satellite cybersecurity threats matter to everyone
- Kopia: Open-source encrypted backup tool for Windows, macOS, Linux
- Review: Adversarial AI Attacks, Mitigations, and Defense Strategies