The anatomy of an endpoint attack
Cyberattacks are becoming increasingly sophisticated as tools and services on the dark web – and even the surface web – enable low-skill threat actors to create highly evasive …
How to avoid the most common mistakes of an identity governance program
It’s a story I have seen play out many times over two decades in the Identity and Access Management (IAM) field: An organization determines that it needs a more robust …
Three common mistakes in ransomware security planning
As the frequency and intensity of ransomware attacks increase, one thing is becoming abundantly clear: organizations can do more to protect themselves. Unfortunately, most …
How do I select a data storage solution for my business?
We live in the age of data. We are constantly producing it, analyzing it, figuring out how to store and protect it, and, hopefully, using it to refine business practices. …
Working together to secure our expanding connected health future
Securing medical devices is not a new challenge. Former Vice President Cheney, for example, had the wireless capabilities of a defibrillator disabled when implanted near his …
Why developing cybersecurity education is key for a more secure future
Cybersecurity threats are growing every day, be they are aimed at consumers, businesses or governments. The pandemic has shown us just how critical cybersecurity is to the …
Why CIOs need to focus on password exposure, not expiration
The cybersecurity market is growing even in the midst of the pandemic-driven economic downturn, with spending predicted to reach $123 billion by the end of the year. While …
Three immediate steps to take to protect your APIs from security risks
In one form or another, APIs have been around for years, bringing the benefits of ease of use, efficiency and flexibility to the developer community. The advantage of using …
MITRE Shield shows why deception is security’s next big thing
Seasoned cybersecurity pros will be familiar with MITRE. Known for its MITRE ATT&CK framework, MITRE helps develop threat models and defensive methodologies for both the …
Review: ThreadFix 3.0
Maintaining a strong organizational security posture is a demanding task. Most best practices – e.g. CIS Controls, the OWASP Vulnerability Management Guide – …
The lifecycle of a eureka moment in cybersecurity
It takes more than a single eureka moment to attract investor backing, especially in a notoriously high-stakes and competitive industry like cybersecurity. While every …
Hardware security: Emerging attacks and protection mechanisms
Maggie Jauregui’s introduction to hardware security is a fun story: she figured out how to spark, smoke, and permanently disable GFCI (Ground Fault Circuit Interrupter – …