Cybersecurity industry analysis: Another recurring vulnerability we must correct
I have spent my career finding, fixing, discussing, and breaking down software vulnerabilities, one way or another. I know that when it comes to some common security bugs, …
Helping security teams respond to gaps in security and compliance programs with Qualys CSAM
Unlike traditional inventory tools that focus solely on visibility or rely on third-party solutions to collect security data, Qualys CyberSecurity Asset Management (CSAM) is …
Rethinking SIEM requires rethinking visibility
Security professionals now generally recognize that siloed security tools and systems have undercut efforts to find active attacks more quickly and efficiently. Information …
Best practices for securing the CPaaS technology stack
Like everything that’s connected to the cloud, Communications Platform-as-a-Service (CPaaS) solutions are vulnerable to hacking, which increased dramatically as workforces …
Why cybersecurity products always defy traditional user reviews
I read with interest the latest batch of evaluation data from MITRE on various endpoint solutions, this time focusing on the detect, response and containment of these various …
It’s time to shift from verifying data to authenticating identity
As fraudsters continue to develop increasingly sophisticated schemes that allow them to produce an apparent valid identity, either by stealing personal data or fabricating it …
The evolution of the modern CISO
Ask anyone who has been around the cybersecurity world long enough and they’ll tell you just how much evolution the industry has undergone in the past few decades—particularly …
Adding complexity through simplification: Breaking down SASE
In an industry that’s not short of jargon and buzzwords, cybersecurity has a new acronym to reckon with: SASE, or secure access service edge. Introduced by Gartner in 2019 and …
Ransomware attribution: Missing the true perpetrator?
Headlines following recent ransomware attacks paint a landscape that acknowledges the true impact of such threats. Historical focus solely on attribution has made way for …
Why is patch management so difficult to master?
This question has plagued IT and security departments for years. Each month these teams struggle to keep up with the number of patches issued by the myriad of vendors in their …
Happy birthday GDPR: IoT impact and practical tips for compliance
With the GDPR now in its third year, compliance with the EU data privacy regulation is still a significant issue for organizations to tackle, especially especially when it …
Thoughts on Biden’s cybersecurity Executive Order
Colonial Pipeline is a major American oil pipeline system that originates in Houston TX and supplies gasoline and jet-fuel to a significant portion of the US, specifically the …