Expert analysis
March 2025 Patch Tuesday forecast: A return to normalcy
The February Patch Tuesday updates and activity during the month marked a return to normalcy for patch management. Following the January updates addressing 100+ …
The 5 stages of incident response grief
Whether we recognize it or not, anytime an incident occurs, it sets off the grieving process. But grief isn’t a bad thing: it’s how we process our emotional reactions and move …
Prioritizing data and identity security in 2025
To say that the cybersecurity landscape has grown more complex over the past several years would be a dramatic understatement. Attackers have more resources at their …
Debunking 5 myths about network automation
Imagine you’re a network engineer at an enterprise. You already have your hands full with IT priorities, including managing bandwidth related to working from home, the …
Cybersecurity needs a leader, so let’s stop debating and start deciding
Have you ever heard anyone earnestly ask in a business, “Who owns legal?” or “Who sets the financial strategy?” Probably not – it should be obvious, right? Yet, when it comes …
The UK’s secret iCloud backdoor request: A dangerous step toward Orwellian mass surveillance
The United Kingdom government has secretly requested that Apple build a backdoor into its iCloud service, granting the government unrestricted access to users’ private data. …
It’s time to secure the extended digital supply chain
Organizations’ increasing reliance on third-party software and services has created an environment with more vulnerabilities and harder-to-detect risks. Attackers know they …
February 2025 Patch Tuesday forecast: New directions for AI development
February 2025 Patch Tuesday is now live: Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391) The new year has started with a whirlwind of …
Security validation: The new standard for cyber resilience
Security validation has officially turned a corner. Once considered a “nice-to-have” it’s now a top priority for security leaders worldwide. This shift has been accelerated by …
Aim for crypto-agility, prepare for the long haul
While organizations have long experimented with various facets of digital transformation, the journey toward crypto-agility is one of the most significant technological …
AI security posture management will be needed before agentic AI takes hold
As I’m currently knee deep in testing agentic AI in all its forms, as well as new iterations of current generative AI models such as OpenAI’s O1, the complexities of securing …
Scam Yourself attacks: How social engineering is evolving
We’ve entered a new era where verification must come before trust, and for good reason. Cyber threats are evolving rapidly, and one of the trends getting a fresh reboot in …
Featured news
Resources
Don't miss
- Onspring CISO on where automated GRC systems fall short
- Open-source CI/CD abuse detector guards against stolen credential attacks
- A hardware neural network backdoor that hides in plain sight
- Proving what a military AI model will do is the real problem
- Senior engineers are spending their week cleaning up AI-generated code