Expert analysis
A humble proposal: The InfoSec CIA triad should be expanded
The inconsistent and incomplete definitions of essential properties in information security create confusion within the InfoSec community, gaps in security controls, and may …
This is the year CISOs unlock AI’s full potential
In 2025, CISOs will have powerful new capabilities as generative artificial intelligence (GenAI) continues to mature. Evolving beyond providing answers to questions, GenAI …
Time for a change: Elevating developers’ security skills
Organizations don’t know their software engineers’ security skills because they don’t assess them in the interview process. Trying to do that in an interview is challenging, …
January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance
January 2025 Patch Tuesday is now live: Microsoft fixes actively exploited Windows Hyper-V zero-day flaws Welcome to 2025 and a new year of patch excitement! In my December …
The SBI fake banking app shows that SMS authentication has had its day
As a company fortunate enough to have and maintain our own pentesting team, we often do outreach with other organizations to assist with or provide our expertise in offensive …
Cybersecurity in 2025: Global conflict, grown-up AI, and the wisdom of the crowd
As we look ahead to cybersecurity developments in 2025, there’s bad news and good—expect to see new challenging attacks and the cybersecurity community increasingly working …
Why an “all gas, no brakes” approach for AI use won’t work
Machine learning and generative AI are changing the way knowledge workers do their jobs. Every company is eager to be “an AI company,” but AI can often seem like a black box, …
Making the most of cryptography, now and in the future
Enterprise cryptography faces risks beyond just the advent of quantum computers. For starters, there is no guarantee that the traditional algorithms have not been broken. …
The modern CISO is a cornerstone of organizational success
The chief information security officer (CISO) role has undergone a remarkable transformation, evolving from a purely technical position to a role that bridges business …
The future of data and AI: Seven trends shaping 2025 and beyond
In 2025, seven trends will shape the future of data and AI, offering advantages for those who see these changes not as challenges but as opportunities to innovate and excel.
2025 is going to be a bumpy year for IoT
In the Internet of Things (IoT) sector, 2025 is shaping up to be a politically charged year. Major global jurisdictions are set to implement device security regulations, …
Are threat feeds masking your biggest security blind spot?
Security teams that subscribe to threat feeds get lists of known malicious domains, IPs, and file signatures that they can leverage to blacklist and prevent attacks from those …
Featured news
Resources
Don't miss
- Commix: Open-source OS command injection exploitation tool
- Review: The Chief AI Officer’s Handbook
- How QR code attacks work and how to protect yourself
- MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364)
- OSPS Baseline: Practical security best practices for open source software projects