Expert analysis
Operationalizing zero trust in the cloud
Some organizations have bought into the idea that workloads in the cloud are inherently more secure than those on premises. This idea is reinforced by the concept that the …
Cloud-native security hinges on open source
Technologies like Kubernetes and K3S are synonymous with the success of cloud native computing and the power of open source. It is no accident they have steamrolled the …
How to create SBOMs for container images
The importance of software bills of materials (SBOMs) has grown substantially in recent years as organizations recognize the need for greater transparency in the software …
The significance of CIS Control mapping in the 2023 Verizon DBIR
Verizon’s recently released 2023 Data Breach Investigation Report (DBIR) provides organizations with a comprehensive analysis of the evolving threat landscape and …
Goodbyes are difficult, IT offboarding processes make them harder
When employees, contractors and service providers leave an organization, they take with them knowledge, capabilities, and professional achievements. They should leave behind …
Red teaming can be the ground truth for CISOs and execs
This year, against the backdrop of attacks on everyone from healthcare institutions and schools to financial services organizations, as well as the introduction of legislation …
How secure is your vehicle with digital key technology?
Digital key technology allows mobile devices to streamline approval for everyday access points, making it a fitting solution for the automotive industry. While there are a few …
Beyond MFA: 3 steps to improve security and reduce customer authentication friction
For many people, life’s fundamental activities are now conducted online. We do our banking and shopping online, turn to the digital realm for entertainment and to access …
How to achieve cyber resilience?
Cyber resilience is a leading strategic priority today, and most enterprises are now pursuing programs to bolster their ability to mitigate attacks. Yet despite the importance …
June 2023 Patch Tuesday forecast: Don’t forget about Apple
UPDATE: June 13, 11:35 AM PT – June 2023 Patch Tuesday was released. The odd month-to-month pattern of CVEs addressed by Microsoft continued with the May Patch Tuesday. …
AI: Interpreting regulation and implementing good practice
Businesses have been using artificial intelligence for years, and while machine learning (ML) models have often been taken from open-source repositories and built into …
How to make developers love security
In my last post I discussed how developers can be your security secret weapon… but how to help them love doing security work? That’s a whole other challenge! Stories of the …