Expert analysis
Three ways MITRE ATT&CK can improve your organizational security
There’s a good reason everyone’s talking about MITRE ATT&CK: it’s an objective, third-party standard with which organizations can measure their own detection coverage, as …
February 2021 Patch Tuesday forecast: The human communication aspect
We spend a lot of time each month discussing the technical details surrounding vulnerabilities, software updates, and the tools we use for patch management in our …
The transportation sector needs a standards-driven, industry-wide approach to cybersecurity
Despite the uncertainties of the last year, the transformation of the transportation sector forged ahead, dominated by the prevailing trend of CASE (Connected, Autonomous, …
Data loss prevention strategies for long-term remote teams
Before the recent pandemic, many executives began appreciating the risks and opportunities associated with cybersecurity. A 2019 survey on cybersecurity priorities from Optiv …
Runtime data no longer has to be vulnerable data
Today, the security model utilized by nearly all organizations is so weak that the mere act of creating new data comes with the immutable assumption that such data will become …
Kick off the year with a new vendor management spring cleaning strategy
Your company’s vendor management program may not be what you need to get the most out of your cybersecurity vendors, so I’ll focus on a Cyber Vendor Optimization Strategy. The …
SMB ransomware extortion: Identifying pieces of the puzzle
2020 saw a new trend emerge: ransomware victims who were unwilling or unable to pay the ransom were faced with the threat of their sensitive information being exposed. Ponying …
To combat cyber warfare the security industry needs to work together
Just when we thought 2020 couldn’t get worse, security firm FireEye broke the news that the compromise of a software solution by IT solutions provider SolarWinds had resulted …
Ransomware: The rise of Misfortune 500 businesses
Far too many executives and employees think ransomware is a nuisance delivered via an obviously fake phishing email. This misconception leaves companies exposed to attack. …
Marry IGA with ITSM to avoid the pitfalls of Identity 2.0
Identity 2.0 vendors are about to face a reckoning. For too long, they’ve focused solely on compliance and missed the mark on the adaptability, automation and integration that …
Everyone’s talking about Data Privacy Day, but who’s listening?
It’s January 28th 2021, which means Data Privacy Day is upon us once again. A lot has happened in the past year, including a global pandemic that resulted in many of us …
Streamlining cloud compliance through automation
As companies migrate to the cloud to take advantage of its scalability and flexibility, many don’t fully realize how this move will affect their compliance with …
Featured news
Resources
Don't miss
- Hawk Eye: Open-source scanner uncovers secrets and PII across platforms
- The Zoom attack you didn’t see coming
- Sonicwall SMA100 vulnerability exploited by attackers (CVE-2021-20035)
- The UK’s phone theft crisis is a wake-up call for digital security
- Securing digital products under the Cyber Resilience Act