Expert analysis
Five best practices for achieving and maintaining SOC 2 compliance
A crucial framework for technology companies and cloud-based organizations, SOC 2 is both a technical audit and a requirement that comprehensive information security policies …
Client-side web security
To address attacks such as XSS, Magecart and other card skimming exploits found in modern eCommerce environments, the use of client-side web security methods is beginning to …
Let’s be realistic about our expectations of AI
Pop culture contains no shortage of intelligent robots. When the tool became viable and widely available in real life, people brought a number of enthusiastic but unrealistic …
Five contingency best practices for SOCs to handle uncertainty
With a crush of new teleworkers and a significant increase in endpoints coming online, we’ve entered into a new reality. COVID-19 has disrupted our lives and the business …
CISOs: Quantifying cybersecurity for the board of directors
Only 9% of security teams feel as if they are highly effective in communicating security risks to the board and to other C-suite executives, according to a recent survey …
Multi-cloud key management and BYOK
Cloud providers such as Google Cloud Platform, AWS, and Microsoft Azure work hard to be the service provider of choice for enterprise customers. They often push the envelope …
Understanding web security solutions
As should be evident to anyone in the cyber security industry, the wide range of available web security solutions from commercial vendors will necessarily have varying degrees …
Office printers: The ticking IT time bomb hiding in plain sight
Office printers don’t have to be security threats: with foresight and maintenance they’re very easily threat-proofed. The problem is that system administrators rarely give the …
On my mind: Transitioning to third-party cloud services
During this extended period of social distancing filled with increased online activity, I can’t help but reflect on all the user data that has been created, stored, hacked, …
Information security goes non-binary
Finding security holes in information systems is as old as the first commercially available computer. Back when a “computer” was something that sat in a computer room, users …
Application security: Getting it right, from the start
Security testing data is “the unsung hero” of securing application development. It’s the backbone of application development quality, compliance and risk management, and rests …
Cybersecurity in a remote workplace: A joint effort
The reaction to the COVID-19 pandemic has disrupted every aspect of life across the globe and many companies now find themselves with fully remote workforces. With so many …