To DevSecOps or not to DevSecOps?
Would your organization benefit from introducing DevSecOps? Dan Cornell, CTO of application security company Denim Group, believes that most organizations would. With one …
The CIO’s greatest roadblock to Agile development: Security governance
Today, the greatest roadblock CIOs face when adopting Agile development is not ‘security in general,’ but ‘security governance.’ We can define ‘security governance’ as the …
How to Marie Kondo your data
By now you’ve heard about Marie Kondo, the author of New York Times bestseller, The Life Changing Magic of Tidying Up, and star of Tidying Up, the new Netflix show that puts …
Lessons learned from the many crypto hacks
The one poignant lesson that crypto investors globally have learned over the years is that despite the immutable, impenetrable nature of the technology behind cryptocurrencies …
Build-time security: Block risk and security issues from production rings
Build-time security has become a standard part of any security program and continues to grow in popularity with the shift left movement. In its most popular form, it’s a …
Weighing the options: The role of cyber insurance in ransomware attacks
The Norsk Hydro cyberattack is a real-time case study of what an international company goes through when a ransomware attack is successful. Over the last week, we’ve witnessed …
How to build an effective vulnerability management program
The concept of vulnerability management has undergone a number of changes in the last few years. It is no longer simply a synonym for vulnerability assessment, but has grown …
Guilty by association: The reality of online retail third-party data leaks
Online retail activity continues to accelerate at a rampant pace and shows no signs of slowing down. According to the National Retail Federation (NRF), U.S. retail sales are …
Secure workloads without slowing down your DevOps flows
In this Help Net Security podcast recorded at RSA Conference 2019, David Meltzer, CTO at Tripwire, and Lamar Bailey, Senior Director of Security Research at Tripwire, discuss …
Employee cybersecurity essentials part 1: Passwords and phishing
Your company may have state-of-the-art monitoring and the latest anti-malware and anti-virus programs, but that doesn’t mean you’re not at risk for a breach, or that – as an …
Breaking the cybersecurity stalemate by investing in people
No surprise, it happened again. In 2018, the financial toll cyber breaches took on organizations hit $3.86 million, a 6.4 percent rise from 2017. Before last year’s close, …
How the Google and Facebook outages could impact application security
With major outages impacting Gmail, YouTube, Facebook and Instagram recently, consumers are right to be concerned over the security of their private data. While details of …