framework
The evolution of security metrics for NIST CSF 2.0
CISOs have long been spreadsheet aficionados, soaking up metrics and using them as KPIs for security progress. These metrics have traditionally measured specific systems or …
How to combat alert fatigue in cybersecurity
In this Help Net Security interview, Ken Gramley, CEO at Stamus Networks, discusses the primary causes of alert fatigue in cybersecurity and DevOps environments. Alert fatigue …
What is cybersecurity mesh architecture (CSMA)?
Cybersecurity mesh architecture (CSMA) is a set of organizing principles used to create an effective security framework. Using a CSMA approach means designing a security …
Overcoming GenAI challenges in healthcare cybersecurity
In this Help Net Security interview, Assaf Mischari, Managing Partner, Team8 Health, discusses the risks associated with GenAI healthcare innovations and their impact on …
GenAI can enhance security awareness training
One of the biggest concerns over generative AI is its ability to manipulate us, which makes it ideal for orchestrating social engineering attacks. From mining someone’s …
GSMA releases Mobile Threat Intelligence Framework
GSM Association’s Fraud and Security Group (FASG) has published the first version of a framework for describing, in a structured way, how adversaries attack and use mobile …
Debunking compliance myths in the digital era
Despite recent economic fluctuations, the software-as-a-service (SaaS) market isn’t letting up. The industry is set to grow annually by over 18% and be valued at $908.21 …
Harnessing the power of privacy-enhancing tech for safer AI adoption
A consensus on regulatory AI frameworks seems distant. Yet, the imperative for secure and responsible AI deployment cannot be overstated. How can leaders proactively address …
Securing software repositories leads to better OSS security
Malicious software packages are found on public software repositories such as GitHub, PyPI and the npm registry seemingly every day. Attackers use a number of tricks to fool …
Integrating software supply chain security in DevSecOps CI/CD pipelines
NIST released its final guidelines for integrating software supply chain security in DevSecOps CI/CD pipelines (SP 800-204D). In this Help Net Security video, Henrik Plate, …
Key areas that will define the intersection of AI and DevOps
Eficode research indicates that 96% of developers use AI tools, with most coders bypassing security policies to use them. With no standardized AI tool regulations, researchers …
NIST CSF 2.0 released, to help all organizations, not just those in critical infrastructure
The National Institute of Standards and Technology (NIST) has updated its widely utilized Cybersecurity Framework (CSF), a key document for mitigating cybersecurity risks. The …