A veteran’s look at the cybersecurity industry and the problems that need solving
For many in the infosec industry, Daniel Miessler needs no introduction, as he’s a 20-year industry veteran, a professional that fulfilled a variety of security roles at …
Structural integrity: Quantifying risk with security measurement
In my previous post, we set up the foundation for a risk quantification program. Many organizations have begun this part of their security strategy and are learning how to …
How to diminish the great threat of legacy apps
The Equifax breach underscored the risk posed by unpatched software applications. As a refresher, 146 million customer records were exposed after a known vulnerability in …
Solving the network visibility problem with NaaS
Network visibility is crucial for many things: making sure that the equipment works properly, monitoring and tweaking the network’s performance, and protecting it against …
Getting ready for digital transformation: The biggest cybersecurity challenges
Digital transformation (DX) is becoming the largest driver of new technology investments and projects among businesses, and IDC forecasts that global spending on DX will reach …
Is your perimeter inventory leaving you exposed? Why it’s time to switch from IP to DNS
Historically, security teams and tools have used IP addresses to define their targets and scopes. But in a world where applications and networks are increasingly cloud-hosted …
Five ways automating IAM saves you money
Identity is the foundation of security, so a robust automated identity and access management (IAM) system is by far the best way to keep your company’s information safe. It’s …
On the path to Zero Trust security: Time to get started
No need to belabour the point. We all know that trying to defend the network perimeter is a bit futile in today’s mobile and cloud first world. So, the obvious question …
How can we give cybersecurity analysts a helping hand?
It’s tough being a cybersecurity analyst these days. Over the last few years we have been repeatedly reminded of the challenge they are now facing, primarily through the …
Identity theft victims could lead us to accept more security-improving friction
Far too many individuals who have never been victims of identity theft and financial crimes don’t understand how devastating those are to victims. “There are many …
CISOs: What would you do over?
Just after the new year I was catching up with a CISO over lunch in Pike Place Market in Seattle. We were reminiscing about how tough it is to get a security program up and …
What does it take to be an infosec product strategist?
Choosing a security product that will best fit your organization’s needs is a challenge exacerbated by the “polluted, turbulent sea of ineffectual security …