Best practices for implementing a company-wide risk analysis program
For most organizations today, the threat surface is broad and getting broader. There are the obvious concerns like the user base, remote or BYOD computing, on-premises …
Out of the blue: Surviving an 18-hour, 39M-request DDoS attack
No online business can afford to neglect malicious bot threats. Attackers and fraudsters increasingly leverage bots to automate and coordinate attacks, driving IT teams and …
How entrepreneurs can capitalize on the impending golden age of cybersecurity
As the markets continue to fluctuate, budget cuts and layoffs now extend across the tech industry, with cybersecurity no exception from tightening its belt and assessing its …
Future-proofing asset and vulnerability intelligence in response to CISA’s BOD 23-01
Modern environments have become more dynamic and the need for equally progressive asset discovery techniques has intensified. The new Cybersecurity and Infrastructure Security …
Why companies can no longer hide keys under the doormat
For good reason, companies trust in encryption, blockchain, zero trust access, distributed or multi-party strategies, and other core technologies. At the same time, companies …
Rallying cybersecurity and healthcare IT to support patient safety
The expansion of cyber-physical systems in healthcare, particularly the IP “heartbeats” dispersed across hospital networks, has stretched cybersecurity beyond its IT legacy of …
As trust in online spaces degrades, Canada bolsters resilience against cyber attacks
In this Help Net Security interview, Sami Khoury, Head of the Canadian Centre for Cyber Security, talks about how Canada is addressing today’s top threats, touches upon …
Moving your Microsoft environment to zero trust
Zero trust is a concept that’s easy to grasp but incredibly difficult to implement. It touches almost every system, component, application, and resource within an enterprise, …
How can CISOs catch up with the security demands of their ever-growing networks?
Vulnerability management has always been as much art as science. However, the rapid changes in both IT networks and the external threat landscape over the last decade have …
Red, purple, or blue? When it comes to offensive security operations, it’s not just about picking one color
When people find out that I’ve spent much of my career being hired by companies to steal their secrets, they usually ask, “Are we doing enough? Do we need a red team?” …
Busting compliance myths
In this interview for Help Net Security, Troy Fine, Senior Manager of Cybersecurity Risk Management at Drata, talks about the challenges of data compliance and what companies …
Shining a light on the dark web
Dark web marketplaces sell a plethora of tools, stolen data, and forged documents, and some of the things for sale are priced higher than the rest. The most expensive records …
Featured news
Resources
Don't miss
- Inside Microsoft’s veteran-to-tech workforce pipeline
- Brakeman: Open-source vulnerability scanner for Ruby on Rails applications
- Incident response lessons learned the hard way
- Okta users under attack: Modern phishing kits are turbocharging vishing attacks
- One-time SMS links that never expire can expose personal data for years