security controls
Shadow AI, deepfakes, and supply chain compromise are rewriting the financial sector threat playbook
Financially motivated attacks continued to drive the bulk of cyber incidents against banks, insurers, and payment processors in 2025. Approximately 90% of breaches affecting …
What managing partners should ask AI vendors before signing any contract
In this Help Net Security interview, Kumar Ravi, Chief Security & Resilience Officer at TMF Group, argues that over-privileged access and weak workflow controls pose more …
The internet’s oldest trust mechanism is still one of its weakest links
Attackers continue to rely on domain names as an entry point into enterprise systems. A CSC domain security study finds that large organizations leave this part of their …
Rakuten Viber CISO/CTO on balancing encryption, abuse prevention, and platform resilience
In this Help Net Security interview, Liad Shnell, CISO and CTO at Rakuten Viber, discusses how messaging platforms have become critical infrastructure during crises and …
Gen AI data violations more than double
Security teams track activity that moves well beyond traditional SaaS platforms, with employees interacting daily with generative AI tools, personal cloud services, and …
AI security risks are also cultural and developmental
Security teams spend much of their time tracking vulnerabilities, abuse patterns, and system failures. A new study argues that many AI risks sit deeper than technical flaws. …
What shadow AI means for SaaS security and integrations
In this Help Net Security video, Jaime Blasco, CTO at Nudge Security, discusses why shadow AI matters to security teams. He describes how AI adoption happens in two ways, …
Automation forces a reset in security strategy
Enterprise security teams are working under the assumption that disruption is constant. A global study by Trellix shows that resilience has moved from a long term goal to a …
Creative cybersecurity strategies for resource-constrained institutions
In this Help Net Security interview, Dennis Pickett, CISO at RTI International, talks about how research institutions can approach cybersecurity with limited resources and …
Treating MCP like an API creates security blind spots
In this Help Net Security interview, Michael Yaroshefsky, CEO at MCP Manager, discusses how Model Context Protocol’s (MCP) trust model creates security gaps that many …
What insurers really look at in your identity controls
Insurers judge organizations by the strength of their identity controls and by how consistently those controls are applied, according to a new Delinea report. CISOs are …
Agentic AI puts defenders on a tighter timeline to adapt
Security teams know that attackers rarely wait for defenders to be ready. The latest AI Maturity in Cybersecurity Report from Arkose Labs shows how quickly the threat …
Featured news
Resources
Don't miss
- With AI’s help, North Korean hackers stumbled into a near-undetectable attack
- Apple fixes iPhone bug that let FBI retrieve deleted Signal messages(CVE-2026-28950)
- GopherWhisper APT group hides command and control traffic in Slack and Discord
- A year in, Zoom’s CISO reflects on balancing security and business
- Scenario: Open-source framework for automated AI app red-teaming