security controls
80% of organizations experienced employees misusing and abusing access to business apps
Organizations continue to operate with limited visibility into user activity and sessions associated with web applications, despite the ever-present risk of insider threats …
The first step to being cybersmart: Just start somewhere
When it comes to a subject as complex as cybersecurity, it’s easy to become a victim of decision paralysis. When company leaders and IT staff begin looking at their options …
Five proven techniques for building effective fraud management
Effective management of fraud has long been a vital capability within organizations, and for good reasons. According to the Association of Certified Fraud Examiners’ …
Combating vulnerability fatigue with automated security validation
Security operations teams have been dealing with “alert fatigue” for far too long. The introduction of log monitoring (e.g., SIEM), firewall, and AV technologies over two …
Application security approaches broken by rising adoption of cloud-native architectures
The rising adoption of cloud-native architectures, DevOps, and agile methodologies has broken traditional approaches to application security, a survey of 700 CISOs by Coleman …
Label standard and best practices for Kubernetes security
This article talks about label standard and best practices for Kubernetes security, a common area where I see organizations struggle to define the set of labels required to …
Cybersecurity control failures listed as top emerging risk
Cybersecurity control failures was listed as the top emerging risk in 1Q21 in a global poll of 165 senior executives across function and geography, according to Gartner. …
The SOC is blind to the attackable surface
A security operations center (SOC) is the central nervous system of any advanced cybersecurity program. Yet even the most well-funded, highly organized and properly equipped …
Financial institutions can strengthen cybersecurity with SWIFT’s CSCF v2021
The Society for Worldwide Interbank Financial Telecommunications (SWIFT) has introduced an updated set of baseline customer security controls that all of its users must …
Internet security is improving, but exposures still run rampant
Rapid7’s research found that the security of the internet overall is improving. The number of insecure services such as SMB, Telnet, rsync, and the core email protocols, …
Windows 10 users get protection against PUAs
Windows 10 users who upgrade to v2004 will finally be able to switch on a longstanding Windows Defender feature that protects users against potentially unwanted applications …
Most attacks successfully infiltrate production environments without detection
While organizations continue to invest significant budget dollars in security controls and assume that this means assets are fully protected, the reality is that a majority of …
Featured news
Resources
Don't miss
- Critical Firefox, Tor Browser sandbox escape flaw fixed (CVE-2025-2857)
- Android financial threats: What businesses need to know to protect themselves and their customers
- Post-quantum cryptography and the future of online safety
- How to manage and protect your biometric data
- UK NCSC offers security guidance for domain and DNS registrars