framework
Creating a formula for effective vulnerability prioritization
In this Help Net Security interview, Michael Gorelik, CTO and Head of Malware Research at Morphisec, provides insights into the business impact of vulnerabilities. Gorelik …
Shifting data protection regulations show why businesses must put privacy at their core
Like it or not, data protection will be one of the biggest issues organizations face in 2024. Knowing where to focus compliance efforts will be tricky, with more and more …
eIDAS: EU’s internet reforms will undermine a decade of advances in online security
The European Union’s attempt to reform its electronic identification and trust services – a package of laws better known as eIDAS 2.0 – contains legislation that poses a grave …
Modeling organizations’ defensive mechanisms with MITRE D3FEND
Funded by the National Security Agency, MITRE’s D3FEND framework is helping to provide standardization, specificity, and repeatability needed by cybersecurity engineers. As …
Collaborative strategies are key to enhanced ICS security
In this Help Net Security interview, Marko Gulan, Cyber Security Consultant at Schneider Electric, discusses the complexities of safeguarding industrial control systems (ICS). …
CISOs vs. developers: A battle over security priorities
A majority of both developers and CISOs view software supply chain security as a top priority in their roles (70% and 52% respectively), according to Chainguard. However, …
Exploring the global shift towards AI-specific legislation
In this Help Net Security interview, Sarah Pearce, Partner at Hunton Andrews Kurth, offers insights into the evolving landscape of AI legislation and its global impact. Pearce …
Securing data at the intersection of the CISO and CDO
Two groups in particular play a key and critical role in ensuring data governance and security: the CISO and the CDO. CISOs are responsible for identifying and managing risks …
MITRE ATT&CK v14 released
MITRE has released MITRE ATT&CK v14, the newest iteration of its popular investigation framework / knowledge base of tactics and techniques employed by cyber attackers. …
White House issues Executive Order for safe, secure, and trustworthy AI
President Biden issued a landmark Executive Order to ensure that America leads the way in seizing the promise and managing the risks of artificial intelligence (AI). New …
What is operational risk and why should you care? Assessing SEC rule readiness for OT and IoT
The newly released Security and Exchange Commission (SEC) cyber incident disclosure rules have been met with mixed reviews. Of particular concern is whether public companies …
Navigating OT/IT convergence and securing ICS environments
Escalating threats to operational technology (OT) have prompted an increasing number of global enterprises to adopt sophisticated technologies and services to enhance the …