Expert analysis
Securing open-source code supply chains may help prevent the next big cyberattack
The headline-making supply chain attack on SolarWinds late last year sent a shock wave through the security community and had many CISOs and security leaders asking: “Is my …
Why cybersecurity training needs a post-pandemic overhaul
COVID-19 may have ushered in the rise of remote work (either temporarily or permanently) but not all organizations were prepared to manage a fully remote workforce and the …
Guarding against DCSync attacks
Gaining access to domain admin credentials is part of the endgame in many sophisticated attacks where threat actors are trying to maintain persistence. One of the ways that …
Top 5 cybersecurity considerations for file uploads of vaccination records
As vaccination mandates become more common, immunization records are increasingly required across the world. Organizations are turning to the digital space to upload images of …
An introduction to U.S. data compliance laws
Due to technological advances like the rise of cloud storage and social media, there is an increasing concern over privacy — especially when it comes to how businesses collect …
Lack of API visibility undermines basic principle of security
One of the oldest principles of security is that you cannot secure what you cannot see. Visibility has always been the starting place for monitoring and protecting attack …
Bots are lurking in your zombie and shadow APIs
By far this year’s biggest trend that we’ve observed in the land of APIs is that every organization has shadow and zombie APIs and they’re a much bigger issue than most people …
The six most common threats against the device that knows you best
What is the most intimate relationship in your life—aside from your partner, your children or your parents? For many of us, it’s our mobile phone. It’s the last thing we see …
Illuminating the path: Compliance as the key to security-by-design
Like taxes or going to the dentist, compliance is one of those topics that people often don’t like to contemplate. There are many reasons for the distaste but this …
Combating cybercrime: Lessons from a CIO and Marine veteran
A colleague asked me recently if I thought the FBI had finally experienced enough of the cyberattacks plaguing the United States and would now more aggressively pursue the …
We need a Cyber Awareness Century
For a generation of people that panic if they leave home without their phone or in the event of a social media outage, we are still very unequipped to handle the internet’s …
Operational technology and zero trust
Zero trust, otherwise known as zero trust architecture (ZTA), is a shift in the way we think about security. Zero trust is the concept of centralizing policy control, limiting …