cybersecurity
Open-source software holds the key to solving Log4Shell-like problems
Earlier this month, the existence of a critical vulnerability in Apache Log4j 2 was revealed and a PoC for it published. Dubbed Log4Shell, it’s an issue in a logging library …
How confident can organizations be in their managed services security?
MITRE Engenuity and Cybersecurity Insiders announced the results of a research about the state of affairs in managed services security. The survey of IT security professionals …
6 top cybersecurity trends from 2021 and their impact on 2022
2021 has been a wild year in the cybersecurity space. From supply chain attacks like the SolarWinds hack to the NSO Group’s spyware scandal to the Colonial Pipeline ransomware …
Cybersecurity budgets surge, as skills gap wreaks havoc on 2022 plans
As enterprises plan and set budgets for the new year ahead, the vast majority are expecting to channel more dollars toward enhancing their cybersecurity efforts. Organizations …
Rethinking cybersecurity becomes imperative as devices and apps move away from physical offices
69.1% of professionals with security responsibility believe a rethink is needed to deal with the threat of cybersecurity now that devices and applications have moved outside …
How can AI be made more secure and trustworthy?
While we’re still debating whether and how long it will take to reach singularity and superintelligence, artificial intelligence is playing an increasingly important role in …
Zero trust isn’t just for IT, it can also protect targeted critical infrastructure
Gartner predicts that by 2025 cyber attackers will have weaponized OT environments to successfully harm or kill humans. Not only is a solution to secure OT assets imperative, …
Shifting security further left: DevSecOps becoming SecDevOps
Veracode has revealed usage data that demonstrates cybersecurity is becoming more automated and componentized in line with modern software architectures and development …
The cybersecurity executive order is not all it’s cracked up to be
Seventy-two percent of federal cybersecurity leaders say the White House’s May 2021 Cybersecurity Executive Order (EO) addresses only a fraction of today’s cybersecurity …
Not all domain registrars are created equal: Consumer-grade vs. enterprise-class
SecurityScorecard and CSC released comprehensive research detailing the impacts of an organization’s choice in domain registrar on their overall security ratings. The research …
Want to assemble a cyber Dream Team? Look back at the ‘92 Olympics
A common question I often receive from organizational leaders is how to assemble the right team that can ensure their enterprise is positioned to effectively combat the …
The impact of the Log4j vulnerability on OT networks
Operational Technology (OT) networks are at risk from the recently-announced Apache Log4j (CVE-2021-44228) vulnerability. On the surface, it is not clear why this should be. …