Expert analysis
Three firmware blind spots impacting security
Built into virtually every hardware device, firmware is lower-level software that is programmed to ensure that hardware functions properly. As software security has been …
Understanding the basics of API security
This is the first of a series of articles that introduces and explains application programming interfaces (API) security threats, challenges, and solutions for participants in …
Five best practices for achieving and maintaining SOC 2 compliance
A crucial framework for technology companies and cloud-based organizations, SOC 2 is both a technical audit and a requirement that comprehensive information security policies …
Client-side web security
To address attacks such as XSS, Magecart and other card skimming exploits found in modern eCommerce environments, the use of client-side web security methods is beginning to …
Let’s be realistic about our expectations of AI
Pop culture contains no shortage of intelligent robots. When the tool became viable and widely available in real life, people brought a number of enthusiastic but unrealistic …
Five contingency best practices for SOCs to handle uncertainty
With a crush of new teleworkers and a significant increase in endpoints coming online, we’ve entered into a new reality. COVID-19 has disrupted our lives and the business …
CISOs: Quantifying cybersecurity for the board of directors
Only 9% of security teams feel as if they are highly effective in communicating security risks to the board and to other C-suite executives, according to a recent survey …
Multi-cloud key management and BYOK
Cloud providers such as Google Cloud Platform, AWS, and Microsoft Azure work hard to be the service provider of choice for enterprise customers. They often push the envelope …
Understanding web security solutions
As should be evident to anyone in the cyber security industry, the wide range of available web security solutions from commercial vendors will necessarily have varying degrees …
Office printers: The ticking IT time bomb hiding in plain sight
Office printers don’t have to be security threats: with foresight and maintenance they’re very easily threat-proofed. The problem is that system administrators rarely give the …
On my mind: Transitioning to third-party cloud services
During this extended period of social distancing filled with increased online activity, I can’t help but reflect on all the user data that has been created, stored, hacked, …
Information security goes non-binary
Finding security holes in information systems is as old as the first commercially available computer. Back when a “computer” was something that sat in a computer room, users …