Expert analysis
CISO accountability: Navigating a landscape of responsibility
What was once primarily a technical role, CISOs now find themselves accountable for organizational risk, regulatory compliance, and even legal liabilities across the entire …
The shifting security landscape: 2025 predictions and challenges
As the borderless threat ecosystem poses new challenges for companies and governments worldwide, CISA’s 2025-2026 International Plan aims to address this problem. CISA’s …
With DORA approaching, financial institutions must strengthen their cyber resilience
The clock is ticking for financial institutions across the EU as the January 17, 2025, deadline for the Digital Operational Resilience Act (DORA) approaches. This regulation …
We must adjust expectations for the CISO role
Cybersecurity has become one of the most high-stakes facets of business operations in the past few years. The chief information security officer (CISO) role, once a …
Preventing data leakage in low-node/no-code environments
Low-code/no-code (LCNC) platforms enable application development by citizen developers, often generating “shadow engineering” projects that evade security oversight. While …
December 2024 Patch Tuesday forecast: The secure future initiative impact
December 2024 Patch Tuesday is now live: Microsoft fixes exploited zero-day (CVE-2024-49138) It seems like 2024 just started, but the final Patch Tuesday of the year is almost …
Preparing for Q-day: The essential role of cloud migration in securing enterprise data
As the era of quantum computing draws closer, businesses face a new and unprecedented threat to data security: “Q-day.” This looming turning point—when quantum …
5 reasons to double down on network security
Cybersecurity programs have evolved significantly over the past few decades. The advent of cloud computing shattered the conventional corporate perimeter, forcing …
How to recognize employment fraud before it becomes a security issue
The combination of remote work, the latest technologies, and never physically meeting your employees has made it very easy for job applicants to mask their true identities …
AI Kuru, cybersecurity and quantum computing
As we continue to delegate more infrastructure operations to artificial intelligence (AI), quantum computers are advancing towards Q-day (i.e., the day when quantum computers …
Five backup lessons learned from the UnitedHealth ransomware attack
The ransomware attack on UnitedHealth earlier this year is quickly becoming the healthcare industry’s version of Colonial Pipeline, prompting congressional testimony, lawmaker …
Dev + Sec: A collaborative approach to cybersecurity
The age-old tension between development and security teams has long been a source of friction in organizations. Developers prioritize speed and efficiency, aiming to deliver …
Featured news
Resources
Don't miss
- Commix: Open-source OS command injection exploitation tool
- Review: The Chief AI Officer’s Handbook
- How QR code attacks work and how to protect yourself
- MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364)
- OSPS Baseline: Practical security best practices for open source software projects