Expert analysis
The Goldilocks principle for zero trust fraud prevention
According to Wikipedia, “zero trust is an information security framework which states that organizations should not trust any entity inside or outside of their perimeter at …
How CISOs can justify cybersecurity purchases
Sometimes a disaster strikes: ransomware encrypts critical files, adversaries steal sensitive data, a business application is compromised with a backdoor… This is the stuff …
Three principles regarding encryption you need to keep in mind
Encryption is a popular topic among security professionals and occasionally a polarizing one. Plenty of misconceptions surround the process, and these often skew the way …
How to prioritize IT security projects
If you’re an IT security professional, you’re almost certainly familiar with that sinking feeling you experience when presented with an overwhelming number of …
2020: A year of deepfakes and deep deception
Over the past year, deepfakes, a machine learning model that is used to create realistic yet fake or manipulated audio and video, started making headlines as a major emerging …
Data breach: Why it’s time to adopt a risk-based approach to cybersecurity
The recent high-profile ransomware attack on foreign currency exchange specialist Travelex highlights the devastating results of a targeted cyber-attack. In the weeks …
You can upgrade Windows 7 for free! Why wouldn’t you?
“Doomsday is here! The sky is falling! Windows 7 is out of support and all hell will break loose!” – or, at least, that’s what some cybersecurity experts and press outlets …
Lessons from Microsoft’s 250 million data record exposure
Microsoft has one of the best security teams and capabilities of any organization in the technology industry, yet it accidentally exposed 250 million customer records in …
CISOs: Make 2020 the year you focus on third-party cyber risk
While cybersecurity professionals are certainly aware of the growing threat posed by sharing data with third parties, many seem to lack the urgency required to address this …
Zero Trust: Beyond access controls
As the Zero Trust approach to cybersecurity gains traction in the enterprise world, many people have come to recognize the term without fully understanding its meaning. One …
There is no easy fix to AI privacy problems
Artificial intelligence – more specifically, the machine learning (ML) subset of AI – has a number of privacy problems. Not only does ML require vast amounts of data for …
Container security requires continuous security in new DevSecOps models
When Jordan Liggitt at Google posted details of a serious Kubernetes vulnerability in November 2018, it was a wake-up call for security teams ignoring the risks that came with …