Expert analysis
A third-party’s perspective on third-party InfoSec risk management
More than ever, organizations are relying on third parties to streamline operations, scale their business, expand and leverage expertise, and reduce costs. In the complex and …
The staying power of shadow IT, and how to combat risks related to it
There was a time, not too long ago, when most IT leaders believed shadow IT was a negligible element in their companies. They felt their IT organizations were so in control of …
The biggest data security blind spot: Authorization
Too many people have access to company data they don’t need. Also, too many companies focus on authentication (verifying identity) as a security measure and overlook the …
Security beyond software: The open source hardware security evolution
Mention IT security, and most people immediately think of software-based protections against software-based threats: ransomware, viruses, and other forms of malware. But …
Wargaming an effective data breach playbook
A well-tuned data breach playbook can provide security teams with a clear roadmap for working through the breach response process. Foreseeing every possible twist and turn of …
The new weakest link in the cybersecurity chain
It used to be that people were the greatest cybersecurity vulnerability, but this is no longer true. The rise of the internet made people more connected than ever. Attackers …
5 steps to building NSA-level access control for your app
Access control has become a main concern when it comes to developing secure web applications, and the NSA has a lot to say about it. Especially when it comes to the biggest …
Why it’s time to move towards a passwordless future
Adversaries don’t need to use sophisticated methods to gain access to enterprise systems or to deploy ransomware – they can just buy or steal credentials and log in. By …
April 2023 Patch Tuesday forecast: The vulnerability discovery race
The answer to the question “Why does software continue to have so many vulnerabilities?” is complex, because the software itself is so complex. There’ve been many articles …
How can organizations bridge the gap between DR and cybersecurity?
Breaking down the silos between disaster recovery (DR) and cybersecurity has become increasingly important to ensure maximum business resiliency against outages, data …
Malware and machine learning: A match made in hell
We’ve been developing machine learning-based cybersecurity systems for many years and began developing automation for analysis in our labs in 2005. These early …
What you need before the next vulnerability hits
Cyberattacks tend to come from two angles: criminals take advantage of employees with privileged access or of security weaknesses in your hardware/software infrastructure. …