10 strategies small security teams can use for effective cybersecurity management
As the challenges of smaller security teams are certainly different than with larger teams, these IT professionals must be more creative and pragmatic than their large …
Knowledge graphs: The secret of Google Search and now XDR
Wading through waves of alert noise to find real threats and manually connecting the dots to find context in real-time attacks are essential capabilities in today’s …
How to deal with the escalating phishing threat
In today’s world, most external cyberattacks start with phishing. For attackers, it’s almost a no-brainer: phishing is cheap and humans are fallible, even after …
Moving past the madness of manually updated X.509 certificates
Microsoft’s Active Directory (AD) is by far the most widely used enterprise repository for digital identities. Microsoft Active Directory Certificate Services (ADCS) is …
Moving to the cloud with a security-first, zero trust approach
Many companies tend to jump into the cloud before thinking about security. They may think they’ve thought about security, but when moving to the cloud, the whole concept of …
Review: Practical Vulnerability Management: A Strategic Approach to Managing Cyber Risk
Andrew Magnusson started his information security career 20 years ago and he decided to offer the knowledge he accumulated through this book, to help the reader eliminate …
Three immediate steps to take to protect your APIs from security risks
In one form or another, APIs have been around for years, bringing the benefits of ease of use, efficiency and flexibility to the developer community. The advantage of using …
Cybersecurity lessons learned from data breaches and brand trust matters
Your brand is a valuable asset, but it’s also a great attack vector. Threat actors exploit the public’s trust of your brand when they phish under your name or when they …
NIST guide to help orgs recover from ransomware, other data integrity attacks
The National Institute of Standards and Technology (NIST) has published a cybersecurity practice guide enterprises can use to recover from data integrity attacks, i.e., …
Your best defense against ransomware: Find the early warning signs
As ransomware continues to prove how devastating it can be, one of the scariest things for security pros is how quickly it can paralyze an organization. Just look at Honda, …
DaaS, BYOD, leasing and buying: Which is better for cybersecurity?
In the digital age, staff expect employers to provide hardware, and companies need hardware that allows employees to work efficiently and securely. There are already a number …
5 simple steps to bring cyber threat intelligence sharing to your organization
Cyber threat intelligence (CTI) sharing is a critical tool for security analysts. It takes the learnings from a single organization and shares it across the industry to …