security controls
Building confidence in your system’s security with chaos engineering
In this interview with Help Net Security, Aaron Rinehart, CTO at Verica, explains the discipline of chaos engineering and how it can help organizations build more resilient …
API security: Understanding the next top attack vector
Application Programming Interfaces (APIs) underpin today’s digital ecosystem as the essential connective tissue that allows companies to exchange data and information quickly …
Ransomware and terrorism: For security pros the threat is equal
Venafi announced the findings of a global survey of more than 1,500 IT security decision makers that reveals that 60% of security professionals believe ransomware threats …
Control failures are behind a growing number of cybersecurity incidents
Data from a survey of 1,200 enterprise security leaders reveals that an increase in tools and manual reporting combined with control failures are contributing to the success …
80% of organizations experienced employees misusing and abusing access to business apps
Organizations continue to operate with limited visibility into user activity and sessions associated with web applications, despite the ever-present risk of insider threats …
The first step to being cybersmart: Just start somewhere
When it comes to a subject as complex as cybersecurity, it’s easy to become a victim of decision paralysis. When company leaders and IT staff begin looking at their options …
Five proven techniques for building effective fraud management
Effective management of fraud has long been a vital capability within organizations, and for good reasons. According to the Association of Certified Fraud Examiners’ …
Combating vulnerability fatigue with automated security validation
Security operations teams have been dealing with “alert fatigue” for far too long. The introduction of log monitoring (e.g., SIEM), firewall, and AV technologies over two …
Application security approaches broken by rising adoption of cloud-native architectures
The rising adoption of cloud-native architectures, DevOps, and agile methodologies has broken traditional approaches to application security, a survey of 700 CISOs by Coleman …
Label standard and best practices for Kubernetes security
This article talks about label standard and best practices for Kubernetes security, a common area where I see organizations struggle to define the set of labels required to …
Cybersecurity control failures listed as top emerging risk
Cybersecurity control failures was listed as the top emerging risk in 1Q21 in a global poll of 165 senior executives across function and geography, according to Gartner. …
The SOC is blind to the attackable surface
A security operations center (SOC) is the central nervous system of any advanced cybersecurity program. Yet even the most well-funded, highly organized and properly equipped …