The cybersecurity landscape is a complex and ever-evolving ecosystem. At its core lies a fundamental paradox: the more tools we deploy to protect our digital assets, the more complex and… The post Complexity: The Silent Killer of Cybersecurity appeared first…
Category: Cyber Defense Magazine
Confronting the Ransomware Menace: A Critical Look at Payment Practices and Emerging Strategies
Ransomware attacks remain a significant threat to organizations worldwide, with cybercriminals continuously evolving tactics. Despite long-standing advice from cybersecurity experts against paying ransoms, many businesses still opt to pay, hoping…
Why EPSS is a Game-Changer for Cybersecurity Risk Management
Having served on the MITRE.org CVE (OVAL) advisory board, I have spent years analyzing vulnerabilities and how they impact global cybersecurity. The challenge has always been prioritization—how do we determine…
Maximizing Security Through Hardware
Organizations are continually balancing seamless user experiences and implementing robust defenses against evolving threats. Passwords, as the first line of defense, remain a primary vulnerability, often exploited due to poor…
Have the Last Word Against Ransomware with Immutable Backup
With incidences of ransomware on the rise, nobody should even be thinking that an attack is something that couldn’t happen to them, let alone speak those words into existence. And…
Publishers Spotlight: Flashpoint
In 2024, a new hybrid cold war is redefining the threat landscape. Cyber, physical, and geopolitical risks are converging, with nation-states, ransomware groups, and insider threats exploiting vulnerabilities to disrupt…
RASP (Runtime Application Self-Protection) in Mobile Application Security: A Strategic Imperative for the Modern Threat Landscape
The mobile application landscape is more dynamic and challenging than ever, with businesses increasingly relying on mobile channels to drive customer engagement, streamline operations, and generate revenue. Yet, this…
Deciphering End User Data Access Patterns is Key to a Strong SaaS Security Posture
It’s all about patterns. Long before cybersecurity was on anyone’s radar, defensive intelligence – like catching an enemy spy in your ranks – was about being able to recognize patterns…
Experience from GAP Assessment Audits for NIS2 Compliance
The NIS2 (Directive (EU) 2022/2555 of the European Parliament and of the Council) imposes cybersecurity and information security compliance obligations on many organizations that previously had no such requirements. Most…
Building Contextual Data Models for Identity Related Threat Detection & Response (ITDR)
Amid the rising pace of digitization, a growing number of organizations are managing their workloads based on a hybrid model. A hybrid model by design leads to dispersion of corporate…
Incident Response Planning: A Portion of Planning is Worth a Pound of Gold
When you are hacked, you want to recapture control quickly as hackers move through systems, locking sensitive information and holding it for ransom. You need to determine the extent of…
Deepfakes: How Deep Can They Go?
With the help of today’s technology, virtually anyone can create a passable deepfake—a manipulated image, video, or audio recording that seems real. All that is required is a consumer-grade computer…
Is Platform Engineering a Step Towards Better Governed DevOps?
Since 2010, Puppet’s annual State of DevOps Report has tracked trends in IT, including security and, more recently, the growth of platform engineering. 2024’s edition, which includes the results of…
Why the Growing Risk of Cyber Inequity Threatens Critical Infrastructure
Cyber inequity is a growing chasm that continues to separate organizations with robust cybersecurity and technology capabilities from those without. This digital divide is a global cybersecurity crisis in the…
How to Root Out Malicious Employees
Malicious employees and insider threats pose one of the biggest security risks to organizations, as these users have more access and permissions than cyber criminals attacking the organisation externally. It…
Cyber Security in Customer Engagement: The Triple Defence Strategy
As digital interactions dominate modern communication, the rapid evolution of cyber threats demands robust security measures in customer engagement as a critical imperative. Traditional security methods are no longer sufficient,…
Navigating the New Frontier: Strengthening Cybersecurity Through Next-Gen Identity & Access Governance
It can be difficult to fully appreciate just what has changed when it comes to cybersecurity – and by how much. Up until around two decades ago, the network was the definitive…
20% of Organizations Have Experienced a Non-Human Identity Security Incident
Today’s business environment requires teams to do more — better than before, and at a faster rate. Thanks to third-party apps, no-code platforms, GenAI, and other forms of automation and…
Binary Cryptology with the Internet of Things Communication
The home and office-based internet is a quite cheap resource that is everything, but not reliable and trusted as it is possible conducting a cyber-attack from anywhere and anytime, so…
Can Your Security Measures Be Turned Against You?
Throughout history, the concept of defeating an opponent’s defenses has been central to warfare strategies. From ancient sieges using tunnels and siege engines to modern tactics aimed at neutralizing air…
The Foundation of Data Security: Why Data Discovery Is the Critical First Step
In the complex world of cybersecurity, one fundamental truth remains constant: you can’t protect what you don’t know exists. This is why data discovery stands as the cornerstone of any…
Cybersecurity’s Broken Model: The Cost of Overcomplication and Underperformance
Cybersecurity is in need of a reckoning. Global cybersecurity spend reached a record $79.2 billion in 2023 and is expected to grow by almost 10% this year – a reflection of the…
A Step-by-Step Guide to the NIST Risk Management Framework (RMF): Simplifying Risk Management for Small Enterprises
As the decade nears its halfway mark, ransomware attacks continue to dominate headlines across newspapers and website homepages. The relentless uptick in attacks shows no signs of slowing down, and small and mid-sized businesses…
Integrating AI into Network Security for Improved Threat Detection
Have you ever wondered how your digital security can keep up with the lightning-fast evolution of cyber threats? The world of cybersecurity is changing faster than ever, driven by relentless…
Cyber Score, OSINT, and the Transformation of Horiens Risk Advisors in Latin America
The cybersecurity landscape is constantly evolving, and organizations face increasing challenges in protecting their digital assets, often referred to as the “Crown Jewels.” In this context, the use of…
Win or Lose: Using CMMC 2.0 Proposed Rule to Position Yourself for DOD Contracts
The Cybersecurity Maturity Model Certification (CMMC) Program has been a headache for many defense contractors since the idea was first introduced in 2019. The program seeks to protect unclassified information,…
How The Right Application Server Can Protect Healthcare and Public Institutions from Cyber Attacks
Cybersecurity in the public and healthcare sectors is a growing concern as cyberattacks become increasingly sophisticated and frequent. However, many existing vulnerabilities can be easily addressed to deliver more robust…
To Combat Cyberbullying and Online Fraud, We Must Do More to Protect Minors
The last 20 years have fundamentally redefined how consumers behave online. The emergence of sites such as YouTube, Meta, and X has reshaped how we share and consume media. Online…
How vCISOs Can Enhance an Organization’s Cybersecurity Posture with Cyber Insurance
In today’s digital age, where cyber threats loom large and data breaches are increasingly common, many organizations are turning to Virtual Chief Information Security Officers (vCISOs) to bolster their cybersecurity frameworks. These…
Bridging The Manufacturing Security “Air Gap”
In the world of manufacturing, one security measure has stood out above all others: the “air gap.” This technique, which isolates technology from the outside world, once provided a reasonable…
The GenAI Scam Revolution
The intersection of cutting-edge artificial intelligence technologies and the extensive exposure of personal data has opened a Pandora’s box of potential misuse, including hyper-targeted scams. Large language models (LLMs),…
Navigating Advanced Threat Landscapes
In today’s era, marked by rapid digital transformations and an increase in sophisticated cyber threats, the role of Chief Information Security Officers is more crucial than ever. CISOs face the…
Why Cybersecurity Compliance in Rail Transportation Has Never Been More Important, Or More Challenging to Keep on Track
As the world’s Rail transportation industry becomes more sophisticated, embracing digital technologies to enhance efficiency, safety, and operational capabilities, it is also exposed to a myriad of cybersecurity threats. The…
Why Cybersecurity At The Olympics (And All Major Global Events) Shouldn’t Take A Backseat
Although the 2024 Summer Olympics brought more than 15 million visitors to Paris and generated $11 billion in economic activity, the Games didn’t just convene excited fans and world-class athletes—it…
Three Big Reasons Ransomware Payments Are Up More Than 5X Over Last Year
If the mission of cybersecurity is to protect the organization from losses to cybercriminals, we are in deep trouble. Over the past year there has been a dramatic increase in…
The Rise in Phishing Scams
As cybersecurity platforms have become more effective, cyber attackers have shifted their strategy. Rather than challenging defense applications to identify weaknesses, they are now increasingly focused on exploiting human behavior….
The Relationship Between Network and Security: Why They’re Ditching the “It’s Your Fault” Game
Remember the good old days of IT? Back when firewalls were like bouncers at a nightclub, and security was a sleepy corner in the IT department? Those days are about…
Revolutionizing Investigations: The Impact of AI in Digital Forensics
Artificial intelligence (AI) is making waves in many industries across the board. It found use in healthcare, manufacturing, retail, finance, and other sectors that deal with large volumes of data….
The Frontier of Security: Safeguarding Non-Human Identities
Dropbox, Microsoft, Okta – not only are these all major software companies, but each of them has fallen victim to a supply chain attack due to a compromised non-human identity….
The Cybersecurity Checklist: Top Methods and Tools for Protection And Mitigation
The rapid development of artificial intelligence (AI) is fueling an increase in cyber-attacks, threatening the data infrastructure of businesses and individuals. Approximately 85 percent of cybersecurity professionals attribute the increase…
The Age of Unseen Truths And Deceptive Lies
From the moment we’re born, we are surrounded by a mix of true and false information. In the past, distinguishing between them was relatively easy, but over time, it has…
Tagged Files as a Road to Insider Threats
The insider threat is any individual within community who does something against such surrounding even being used for sabotage, diversion, espionage and the other purposes, so far. On the other…
The Power of Many: Crowdsourcing as A Game-Changer for Modern Cyber Defense
With the rapid technological advancement and the world entering the AI era, the cyber threat landscape has significantly evolved in its complexity and sophistication. The frequency of data breaches has…
Operational Security: The Backbone of Effective Police Communication
In the fast-paced and dynamic world of law enforcement, effective communication is essential for ensuring public safety and successful operations. However, amidst the ever-evolving landscape of technology and threats, maintaining…
The Cyber Resilience Act: How Manufacturers Can Meet New EU Standards and Strengthen Product Security
Cybersecurity has become a leading priority for manufacturers of embedded systems and IoT devices. The rapid proliferation of these technologies, combined with their increasing integration into critical infrastructure, has made…
Passwords Are Out, Biometrics Are In
As more aspects of daily life move online—including financial transactions, government services like mobile driver’s licenses, and digital travel authentication—the weaknesses of traditional remote identity verification methods, such as passwords,…
Securing Election Integrity In 2024: Navigating the Complex Landscape of Modern Threats
As we navigate the 2024 election year, safeguarding the integrity of our democratic process is more critical than ever. While much attention has been focused on securing ballot machines, the…
Start PII Leak Detection and Data Flow Mapping Where It Matters Most: In the Code
Quick link: Learn more about how HoundDog.ai is transforming AppSec and data security at HoundDog.ai. In 2023, 92% of data breaches involved Personally Identifiable Information (PII)—a staggering and growing trend…
Managing Sensitive Security Investigations in Remote Settings
Managing sensitive security investigations has become more complex and challenging in today’s increasingly prevalent remote work environment. As a result, ensuring that these investigations are conducted effectively and securely requires…
Is Unified Access Control Zero Trust’s Silver Bullet?
With the advent of Zero Trust architecture, where the principle of “never trust, always verify” prevails, the importance of comprehensive access control has never been more pronounced. As cyber threats…
Beyond Passwords: Transforming Access Security with Passwordless IAM
Ever found yourself locked out of an account at the worst possibility? While rushing to meet a deadline or accessing something critical—because you didn’t remember the password? Or maybe you…
7 Steps International Organizations Must Take to Defend Critical National Infrastructure
Critical national infrastructure (CNI) is at risk in countries across the globe. When attackers target CNI systems—which include power plants, emergency services, hospitals, and transportation—it can cause life-threatening disruptions. We’ve…
HTTP 1.1 Vs. HTTP 2: What Are the Differences?
According to this recent report by McKinsey, 87% of consumers say they won’t do business with your company if they have concerns about your security practices. So if you’re serious about protecting…
How to Use AI in Cyber Deception
For years, cyber deception has been an excellent tool against would-be cybercriminals. However, the cybersecurity landscape is constantly evolving — and many conventional techniques are no longer as effective. Is…
How To Privacy-Proof the Coming AI Wave
Everyone has noticed that we have entered the AI era. AI is everywhere: to improve customer experience, reduce costs, generate stunning and surreal images. The size of the Artificial Intelligence…
How To Fight Scattered Spider Impersonating Calls to The IT Help Desk
Imagine you worked for years on building your cyber defense. You built all the systems you need, all the policies are in place, and you are humming along. When the…
How Government Agencies Can Level the Cybersecurity Playing Field With AI/ML
The threat cybercriminals pose to federal information systems and networks is real and pervasive. Defending against unauthorized intrusions is a full-time effort for federal agencies and the contractors that support…
Growing Enterprise Data is Creating Big Cybersecurity Risk
Buzz about big data permeated tech conversations in the mid-1990s, but people today don’t talk as much about big data anymore. It’s not that data isn’t big. Data is bigger…
Exploring the Vishing Threat Landscape
Voice phishing, also known as vishing, represents a growing threat to organizations worldwide. Keepnet’s 2024 Vishing Response Report illuminates the alarming statistic that 70% of companies are prone to voice…
Cybersecurity: How to Involve People in Risk Mitigation
Cefriel presented the white paper “Cyber Security and the Human Element”, an in-depth look at how to analyze and understand the connections…
SWARM: Pioneering The Future of Autonomous Drone Operations and Electronic Warfare
Modern unmanned technologies are experiencing rapid growth, encompassing both civilian and military applications. Autonomous vehicles, delivery drones, and unmanned aerial vehicles for rescue and firefighting services have become an integral…
The Advent of Quantum Cryptography and Zero Trust: A New Era In The World Of Cybersecurity
The advancement of cybersecurity is propelled by adapting to new technologies and rising threats. From quantum cryptography to Zero Trust models and pioneering innovations from industry leaders, the…
RSA Conference: 20th annual RSAC Innovation Sandbox and fifth annual Launch Pad contests are now open.
San Francisco, CA – January 14, 2025 – RSA Conference™, the world’s leading information security conferences and expositions, today announced that submissions for the 20th annual RSAC Innovation Sandbox and fifth annual…
Exposure Management: A Strategic Approach to Cyber Security Resource Constraint
Imagine being bombarded by a relentless barrage of alarms, each one clamouring for immediate attention. This is the daily reality for cyber security teams, overwhelmed by alerts from countless sources,…
Publisher’s Spotlight: Merlin Group
Bridging the Gap Between Cyber Innovation and Regulated Markets Addressing the Challenge of Innovation Access in Regulated Markets In an era where the need for technological innovation is more critical…
Air Gap
In August 2024, the FBI issued a notice that an Iranian backed team was attempting to hack American political parties’ campaign information. (Miller & Balsamo, 2024). In that same month,…
Protecting Your Organization Against Advanced, Multi-Stage Cyber Attacks
Threat actors are continuously enhancing their techniques and increasing sophistication to evade cyber defenses. Consequently, multi-stage ransomware and malware attacks, characterized by heavy obfuscation are becoming increasingly prevalent. The Europol Threat…
Data Decay and Cybersecurity: Understanding The Risks And Mitigating The Impact On Your Business
Becoming successful in this digital age means your business operations, decision-making, and customer relationships are primarily powered by your data. Unfortunately, the quality of your data diminishes as time passes….
The Cyber Defense Emergency Room
In cybersecurity like in the emergency room, every moment is critical. Much like an emergency room, where nurses must quickly assess and prioritize patients based on the severity of their…
Phishing in 2024: Navigating the Persistent Threat and AI’s Double-Edged Sword
In 2024, phishing remains one of the most prevalent and dangerous cybersecurity threats. Despite advancements in technology and increased awareness, cybercriminals continue to exploit human vulnerabilities, adapting their tactics to…
Elevating Security: The Crucial Role of Effective API Management in Today’s Digital Landscape
In today’s digital landscape, the increasing reliance on Application Programming Interfaces (APIs) brings significant security challenges that organizations must address. The Salt Labs State of API Security Report, 2024, reveals that…
Guardians Of the Grid
The surge in cyberattacks and the emerging role of Generative AI The importance of cyber security tools in protecting sensitive information, sustaining organization’s resilience and enabling business continuity during hostile…
Exploring CVSS 4.0’s Impact on Vulnerability and Threat Management
The Common Vulnerability Scoring System (CVSS) offers a standardized framework for characterizing and scoring vulnerabilities, helping the effort for vulnerability risk assessment. The release of CVSS 4.0 in November 2023 marked a…
Four Steps Security Teams Can Take to Unlock Resources In Budget-Constrained Environments
Imagine walking into a board meeting with a tool that shows your board exactly how protected the organization is, based on the investment they have allowed you to make. Or,…
Fortifying The Links
In today’s hyper-connected world, supply chains are the lifeblood of industries, spanning across continents and involving numerous third-party vendors. While this interconnectedness brings unparalleled efficiency and opportunities for growth, it…
The Key to AI-Enabled Multi-Coalition Warfare
In February, the top artificial intelligence (AI) official at the Department of Defense (DoD) laid out his vision for AI-enabled warfare. “Imagine a world where combatant commanders can see everything they…
The Role of AI in Evolving Cybersecurity Attacks
In the ever-expanding digital landscape, cybersecurity remains a critical concern for individuals, businesses, and governments alike. As technology advances, so do the tactics of cybercriminals. One of the most significant…
The Fundamental Components to Achieving Shift-Left Success
“Shift-left” is a familiar concept to CISOs and security practitioners across the globe. A term coined to promote the integration of security practices earlier in the software development lifecycle (SDLC)…
AT&T Breach 2024: Customer Data Exposed in Massive Cyber Attack
In a shocking breach of customer privacy, AT&T said in April 2024 that almost all of the data of its cell customers had been stolen. Records of most of AT&T’s…
How To Navigate Certification Authority Distrust: Preventing Critical Incidents by Switching To A New Vendor
In the ever-evolving landscape of digital security, maintaining trust is paramount. When a Certification Authority (CA) is no longer trusted by browsers like Google, as was demonstrated on June 27th, it…
Protect SAP Supply Chains by Preventing Cyber Attacks
Highly advanced and extremely dangerous cyberattacks are targeting SAP (from the company originally called “System Analysis Program” Development) software supply chains with an alarming increase in frequency. By taking advantage…
The Traditional Advocates of the Security Perimeter Don’t Want You to Know about Data-Centric Security
In an era defined by continuous media announcements of organizations that have suffered both government and private data breaches and thefts, the security of this invaluable asset has never been…
Is Platform Engineering a Step Towards Better Governed DevOps?
Since 2010, Puppet’s annual State of DevOps Report has tracked trends in IT, including security and, more recently, the growth of platform engineering. 2024’s edition, which includes the results of a survey…
Russia, Apple, And the New Front Line in The Fight for Internet Freedom
Russia’s reputation for suppressing internet freedom and free expression is well documented. VPNs have long had a contentious relationship with the Russian state, and in recent years they have been…
Best Practices for Effective Privileged Access Management (PAM)
Privileged accounts are highly coveted targets for malicious attackers due to the extensive access they provide. According to the 2024 Verizon Data Breach Investigation Report, nearly 40% of data breaches…
Securing the OT Stage: NIS2, CRA, and IEC62443 Take Center Spotlight
In the dynamic landscape of Operational Technology (OT), robust cybersecurity measures are paramount. As the digital transformation accelerates, protecting critical infrastructure becomes more challenging. Fortunately, three key standards—NIS2, CRA, and…
The Urgent Need for Data Minimization Standards
A central principle in many data protection laws around the globe is data minimization. But we are currently facing a serious issue: we don’t have legal clarity on what exactly…
Four Ways to Harden Your Code Against Security Vulnerabilities and Weaknesses
The specter of security vulnerabilities is a constant concern in today’s digital landscape. They’re the hidden pitfalls that can undermine even the most meticulously crafted code. But what if you…
Is There a DDoS Attack Ceiling?
Today, it’s rare for a month to pass without reports of new distributed denial-of-service (DDoS) attacks. Lately, geopolitical instability and hacktivist groups (e.g., Anonymous Sudan and NoName057(16)) have driven attacks, and these types of attacks…
Ditch The Cloud Security Labels to Nail Detection and Response
Today’s cloud security categories don’t do practitioners any favors when it comes to identifying the key requirements for detection and response in the cloud. This is because various detection and…
Cybersecurity At the Crossroads: The Role Of Private Companies In Safeguarding U.S. Critical Infrastructure
In an era where we are completely reliant on digital connectivity, the security of our critical infrastructure is paramount. CISA defines 16 sectors of US critical infrastructure; each unique and yet…
Innovator Spotlight: Fortra
by Dan K. Anderson CEO, CISO, and vCISO As cyber threats grow more sophisticated and frequent, organizations face immense pressure to simplify their security stacks and improve operational efficiency. According…
Breaking Up with Your Password: Why It’s Time to Move On
Data breaches impacted more than 1 billion users in the first half of 2024, up 409% from this time last year, emphasizing the importance of maintaining stealth cyber hygiene. The truth is, as…
Big Faces, Big Spend, Low ROI: Why Ad Fraud is Increasingly Damaging Brands
Brands are increasingly seen to be employing familiar and expensive faces to ambassador ad campaigns and new products. However, with an estimated 26% of ad spend lost to ad fraud, businesses are…
Beyond Encryption: Advancing Data-in-Use Protection
In the ever-evolving landscape of cryptography, traditional encryption methods safeguarding data at rest and in transit remain foundational to cybersecurity strategies. However, the security of decrypted data actively used within…
Benefits of Network Monitoring Systems
Maintaining a resilient, secure, and efficient network infrastructure is more important than ever. Network monitoring systems, which encompass both hardware and software tools, play a pivotal role in achieving this…
Autonomous, Deterministic Security for Mission-Critical IOT Systems
Mission-Critical Iot Systems: Cybersecurity Principles In creating an effective cybersecurity strategy for IoT systems, software architects examine obstacles that limit the security options for their target systems. To deliver a…
The Unsolvable Problem: XZ and Modern Infrastructure
The ongoing prevalence (and rise) of software supply chain attacks is enough to keep any software developer or security analyst up at night. The recent XZ backdoor attack is finally…
A Cloud Reality Check for Federal Agencies
The move to cloud is not slowing down – spending by Federal civilian agencies on cloud computing could reach $8.3 billion in Fiscal Year (FY) 2025. But despite years of guidance (from…