Closing the cyber skills gap: What to do next
On a global scale, cybersecurity is suffering from a severe shortage of experts. What is to be done? Organizations, government, academia and professional associations need to …
Threat actors are adapting and switching their operations strategically and technically
Cybercrime campaigns and high-profile advanced persistent threat groups are shifting how they target victims and focusing more on intricate relationships with “secure …
Extending security to fourth parties your business needs, but doesn’t control
While there is much discussion about the data security and privacy risks created by third parties, another source of risk can be significant but overlooked: that from fourth …
AI vs. AI: Cybersecurity battle royale
David and Goliath. The Invasion of Normandy. No matter the generation, we all know some of the storied battles that have withstood the test of time. In cyberspace, however, …
The changing face of DDoS attacks: Degraded performance instead of total takedown
The number of DDoS attacks might be getting higher, but they are not all massive nor do they always trigger DDoS defenses. In fact, small-scale DDoS attacks are becoming more …
Optimizing the patch management process
In this podcast recorded at Black Hat USA 2019, Jimmy Graham, Senior Director of Product Management at Qualys, discusses the importance of a tailored patch management process. …
Link between personality type and vulnerabilities to cybercrime
Only four in 10 (42%) businesses focus on compliance training as part of their cybersecurity protocol to ensure sensitive data is kept secure, reports ESET. More worryingly, …
Make sure you keep an eye on your APIs
Application programming interfaces have always been important gateways to our applications, but in recent years, they’ve silently become both more prevalent and more central …
Moving away from spreadsheets: How to automate your third-party risk management process
Spreadsheets are dumb. Okay, it’s not that spreadsheets are dumb, or that the people who use them are dumb. That’s not at all what I’m saying. What’s dumb is using …
Embracing the cloud and meeting its security demands
If you want to build a career in information security, there’s no shortage of diverse roles you can aim for. Whether you’ll end up doing that or something else …
Prevent lateral attacks inside the data center with a defense-in-depth hardware layer
IT departments tend to be concerned primarily with cybersecurity attacks that originate from outside the enterprise, known as a “north-south” attacks. This often leaves them …
Security orchestration and automation checklist: How to choose the right vendor
Faced up against the well-chronicled global skills shortage, the ceaseless bombardment of security alerts and the hodgepodge of security tools unable to communicate with each …