Security doesn’t always require immediacy
New security threats emerge almost continuously, meaning we now deal with a known unknown. In the past year alone, malware and ransomware use has sharply increased, 43% of …
Enterprise leaders now see cybersecurity as a business advantage
Enterprise leaders who previously viewed cybersecurity as part of traditional infrastructure have shifted to rapidly invest in integrated, cloud-based approaches, with ripple …
What the pipeline attack means for critical infrastructures
The big news in critical infrastructure security is the ransomware-triggered shutdown of the Colonial gasoline pipeline – the largest such pipeline in the USA. The …
Security awareness training doesn’t solve human risk
Traditional employee risk mitigation efforts such as security awareness training and phishing simulations have a limited impact on improving employees’ real-world …
The best CISOs think like Batman, not Superman
Many CISOs see themselves as Superman — soaring overhead, cape fluttering, and ready to swoop in and save the day at a moment’s notice if a crisis arises. There have been …
How modern workflows can benefit from pentesting
Pentesting, also known as penetration testing, is a security assessment, an analysis, and progression of simulated attacks on an application (web, mobile, or API) or network …
Risk-based vulnerability management has produced demonstrable results
Several years ago, risk-based cybersecurity was a largely untested and hotly debated topic. But the tests have since been administered and the debate largely settled: …
What is threat modeling and why should you care?
While there is not one exact industry wide definition, threat modeling can be summarized as a practice to proactively analyze the cyber security posture of a system or system …
The realities of working in and pursuing a career in cybersecurity
(ISC)² released a study which provides insights on how to successfully staff up a balanced and diverse cybersecurity team with a broad range of skills. Cybersecurity career …
Solve evolving enterprise issues with GRC technology
For this interview, we sat down with Blake Brannon, CTO at OneTrust, to discuss governance, risk management, and compliance (GRC). More than 8,000 customers, including half of …
The next big thing in cloud computing? Shh… It’s confidential
The business-driven explosion of demand for cloud-based services has made the need to provide highly secure cloud computing more urgent. Many businesses that work with …
Outgunned CISOs navigate complex obstacles to keep rising attacks from turning into breaches
CISOs face a rising ‘security debt’ to secure their organizations against an increasing volume of attacks by well-armed criminals. Yet, despite going up against a criminal …