strategy

Structural integrity: Quantifying risk with security measurement
In my previous post, we set up the foundation for a risk quantification program. Many organizations have begun this part of their security strategy and are learning how to …

How to diminish the great threat of legacy apps
The Equifax breach underscored the risk posed by unpatched software applications. As a refresher, 146 million customer records were exposed after a known vulnerability in …

Volume and quality of training data are the largest barriers to applying machine learning
IDC predicts worldwide spending on artificial intelligence (AI) systems will reach $35.8 billion in 2019, and 84% of enterprises believe investing in AI will lead to greater …

Most security pros have considered quitting due to a lack of resources
Companies are suffering from a lack of resources, both in terms of people and technology (79 percent), and 72 percent have considered leaving their jobs for this reason, …

Getting ready for digital transformation: The biggest cybersecurity challenges
Digital transformation (DX) is becoming the largest driver of new technology investments and projects among businesses and IDC forecasts that global spending on DX will reach …

Is your perimeter inventory leaving you exposed? Why it’s time to switch from IP to DNS
Historically, security teams and tools have used IP addresses to define their targets and scopes. But in a world where applications and networks are increasingly cloud-hosted …

Five ways automating IAM saves you money
Identity is the foundation of security, so a robust automated identity and access management (IAM) system is by far the best way to keep your company’s information safe. It’s …

Traditional approach to data security hindering digital transformation initiatives
Security professionals who adopted a more traditional or reactive approach to their data protection and security program did not believe they would reach their digital …

On the path to Zero Trust security: Time to get started
No need to belabour the point. We all know that trying to defend the network perimeter is a bit futile in today’s mobile and cloud first world. So, the obvious question …

Memory analysis is the ground truth
In recent years, enterprises have adopted next-gen endpoint protection products that are doing an admirable job detecting anomalies. For example, searching for patterns such …

Identity theft victims could lead us to accept more security-improving friction
Far too many individuals who have never been victims of identity theft and financial crimes don’t understand how devastating those are to victims. “There are many …

CISOs: What would you do over?
Just after the new year I was catching up with a CISO over lunch in Pike Place Market in Seattle. We were reminiscing about how tough it is to get a security program up and …
Featured news
Resources
Don't miss
- Four arrested in connection with M&S, Co-op ransomware attacks
- Ruckus network management solutions riddled with unpatched vulnerabilities
- What EU’s PQC roadmap means on the ground
- Open source has a malware problem, and it’s getting worse
- Train smarter, respond faster: Close the skill gaps in your SOC