According to a joint CISA/FBI advisory, Iranian government-sponsored hackers hit at least one Federal Civilian Executive Branch (FCEB) organization with an exploit for a Log4j vulnerability in an unpatched VMware Horizon server.
Investors pour $65 million into an early-stage Israeli startup building technology to help businesses manage secrets like credentials, certificates and keys.
The effect of reduced staffing levels over holidays and weekends doesn’t just attract more cybercriminals, it makes the outcome of attacks more severe.
CISA has published a Stakeholder-Specific Vulnerability Categorization (SSVC) guide in an effort to help organizations prioritize vulnerability patching.
VMware slapped a critical-severity rating on the bulletin and warned that three of the patched flaws are marked with a CVSS severity score of 9.8/10.
In this video discussion, Mastercard’s Johan Gerber, EVP, Cyber and Security Products, discusses the strategies and tools needed to mitigate ESG risk on a business’s supply chain and reputation.
Join Mastercard’s Johan Gerber, EVP, Cyber and Security Products, as he discusses the strategies and tools needed to mitigate ESG risk on a business’s supply chain and reputation.
Nozomi Networks and SANS release their 2022 OT/ICS Cybersecurity Report, which shows that engineering workstations are increasingly used as an initial access vector.
Bearer, Notebook Labs, and Protexxa, cybersecurity startups dealing with data security, web3 identity, and enterprise cyber hygiene, received a total of over $10 million in seed funding.
If high-quality real-time deepfakes are close, the question then becomes one of defense: how can businesses detect and defend against such deepfakes?

FEATURES, INSIGHTS // Risk Management

Gordon Lawson
Basic cyber hygiene may seem rudimentary, but as highlighted in CISA’s four key challenges above, it is something organizations of all sizes struggle with.
Torsten George
When implemented properly, cyber resilience can be considered a preventive measure to counteract human error, malicious actions, and decayed, insecure software.
Derek Manky
Organizations may better align their defenses to adapt and react proactively to rapidly changing attack approaches when they have a better grasp of the objectives and strategies employed by their adversaries.
Gordon Lawson
The new SEC requirements are putting on paper what many companies—public and private—should have been investing in already.
Landon Winkelvoss
How organizations can use managed services to optimize their threat intelligence program during an economic downturn.
Jeff Orloff
The Defense Readiness Index is a reliable alternative for assessing a security team’s skill level, developing a roadmap for improving cyber competencies, and reaching the optimal level of cyber security readiness.
Gordon Lawson
The surge of cyber attacks in 2021 was a wake-up call for consumers, who felt the firsthand effects that can result from a breach.
Torsten George
Organizations need to look beyond preventive measures when it comes to dealing with today’s ransomware threats and invest in ransomware response, which improves their ability to prepare and quickly recover endpoints from ransomware attacks.
Landon Winkelvoss
Many think open source intelligence is just another name for better googling. They are wrong. Good open source and threat intelligence are derived from three core capabilities.
Keith Ibarguen
Vendor agnostic technology, married with actionable, globally-sourced, and continually evolving intelligence, augmented by humans, is needed to defend our enterprises.