Security awareness training doesn’t solve human risk
Traditional employee risk mitigation efforts such as security awareness training and phishing simulations have a limited impact on improving employees’ real-world …
The best CISOs think like Batman, not Superman
Many CISOs see themselves as Superman — soaring overhead, cape fluttering, and ready to swoop in and save the day at a moment’s notice if a crisis arises. There have been …
How modern workflows can benefit from pentesting
Pentesting, also known as penetration testing, is a security assessment, an analysis, and progression of simulated attacks on an application (web, mobile, or API) or network …
Risk-based vulnerability management has produced demonstrable results
Several years ago, risk-based cybersecurity was a largely untested and hotly debated topic. But the tests have since been administered and the debate largely settled: …
What is threat modeling and why should you care?
While there is not one exact industry wide definition, threat modeling can be summarized as a practice to proactively analyze the cyber security posture of a system or system …
The realities of working in and pursuing a career in cybersecurity
(ISC)² released a study which provides insights on how to successfully staff up a balanced and diverse cybersecurity team with a broad range of skills. Cybersecurity career …
Solve evolving enterprise issues with GRC technology
For this interview, we sat down with Blake Brannon, CTO at OneTrust, to discuss governance, risk management, and compliance (GRC). More than 8,000 customers, including half of …
The next big thing in cloud computing? Shh… It’s confidential
The business-driven explosion of demand for cloud-based services has made the need to provide highly secure cloud computing more urgent. Many businesses that work with …
Outgunned CISOs navigate complex obstacles to keep rising attacks from turning into breaches
CISOs face a rising ‘security debt’ to secure their organizations against an increasing volume of attacks by well-armed criminals. Yet, despite going up against a criminal …
Infosecurity transformation and building proactive mitigation strategies
Marcos Christodonte II, CISO at Unqork, spent his career leading information security for large, complex enterprises. His focus on information security began when he served in …
Securing vehicles from potential cybersecurity threats
Organizations in the automotive industry are no stranger to demands and mandates regarding car and passenger safety, so addressing the issue of cybersecurity of computerized, …
Improper cloud IAM leaving organizations at risk
There is an industry-wide cloud permissions gap crisis, leaving countless organizations at risk due to improper identity and access management (IAM), a CloudKnox Security …