Features

Features

• What is cybersecurity transformation? Best practices for success

  Under increasing regulatory pressure and rising cyber threats, executives must prioritize cybersecurity transformation to safeguard assets, enable growth and ensure resilience.  Continue Reading

• CISO playbook for securing AI in the enterprise

  CISOs must partner with executive leadership to adopt a business-aligned AI security strategy that protects the organization while enabling responsible AI adoption.  Continue Reading

• Enterprise cybersecurity: A strategic guide for CISOs

  CISOs and others responsible for safeguarding an organization's systems, networks and data need to manage day-to-day threats while also planning strategically for what's ahead.  Continue Reading

• Why effective cybersecurity is important for businesses

  Cyberattacks can have serious financial and business consequences for companies, which makes implementing strong cybersecurity protections a critical step.  Continue Reading

• CISO burnout: How to balance leadership, pressure and sanity

  With CISO burnout comes increasing cyber incidents and costly leadership turnover. Organizations must invest in support to prevent this growing security risk.  Continue Reading

• What executives must know about nation-state threat actors

  Nation-state threat actors like Russia, China, Iran and North Korea are targeting critical infrastructure and sensitive data, so executives must prepare to defend against them.  Continue Reading

• 3 leading multifactor authentication tool providers

  Compare top MFA providers Cisco, Okta and Ping Identity. Learn product features and pricing tiers, and get advice on selecting a product for your organization's security needs.  Continue Reading

• How AI threat detection is transforming enterprise cybersecurity

  AI-powered threat detection transforms cybersecurity by using machine learning to analyze network traffic, user behaviors and data access patterns.  Continue Reading

• Cybersecurity risk management: Best practices and frameworks

  This proactive approach protects business operations, ensures compliance and preserves reputation through comprehensive security practices.  Continue Reading

• AI-powered attacks: What CISOs need to know now

  AI-powered attacks are transforming cybersecurity, using AI to automate and personalize threats at an unprecedented scale since 2022.  Continue Reading

• Why identity is the new perimeter – and how to defend it

  Identity has replaced network boundaries as today's security perimeter. Organizations must focus on protecting digital identities to safeguard their assets.  Continue Reading

• What is data risk management? Key risks and best practices

  Data risk management identifies, assesses and mitigates threats to organizational data, safeguarding sensitive information from unauthorized access.  Continue Reading

• How to spot and expose fraudulent North Korean IT workers

  North Koreans have infiltrated countless U.S. companies as remote IT workers. That means your top developer could also work for one of the world's most notorious dictators.  Continue Reading

• RSAC 2025: The time for crypto-agility adoption is now

  An RSAC 2025 speaker explained why companies should begin their quantum-safe journey now and how crypto-agility adoption helps prepare for post-quantum cryptography.  Continue Reading

• 4 lessons in the new era of AI-enabled cybercrime

  Cyberattacks have evolved rapidly as GenAI use has become more widespread. An RSAC Conference 2025 panel shared what they've learned over the past two years.  Continue Reading

• RSAC Conference 2025 video reports

  We chatted on camera with attendees and presenters at RSAC 2025. Check out this video collection to get highlights from one of the world's major cybersecurity conferences.  Continue Reading

• Top 10 ransomware targets by industry

  In any given year, certain industries seem to make more attractive targets for ransomware groups. But no single sector shoulders all -- or even most -- of the risk.  Continue Reading

• The history and evolution of ransomware attacks

  Ransomware creators have become more innovative and savvier as organizations up their defenses.  Continue Reading

• Ransomware trends, statistics and facts in 2025

  Supply chain attacks, double extortion and RaaS are some of the ransomware trends that will continue to disrupt businesses in 2025. Is your industry a top target?  Continue Reading

• 8 types of ransomware, plus examples of attacks

  There are eight main types of ransomware but hundreds of examples of ransomware strains. Learn how the ransomware types work and review notable attacks and variants.  Continue Reading

• Ransomware negotiation: Does it work, and should you try it?

  Negotiating with the criminals who are holding your data for ransom is a daunting and stressful endeavor. Experts weigh in on the risks and the potential outcomes.  Continue Reading

• QR code phishing: 14 quishing prevention tips

  Quishing is an offputting word for an on-the-rise attack method. Learn how to defend against it.  Continue Reading

• How to create a data breach response plan, with free template

  A data breach response plan outlines how a business reacts to a breach. Follow these six steps, and use our free template to develop your organization's plan.  Continue Reading

• Explaining AI's impact on ransomware attacks and security

  Experts say AI and LLMs will make ransomware attacks more dangerous, but those same tools could be turned against criminals by bolstering ransomware protections.  Continue Reading

• 4 ransomware detection techniques to catch an attack

  While prevention is key, it's not enough to protect a company's systems from ransomware. Learn how early detection with these four methods helps reduce damage from attacks.  Continue Reading

• 3 types of deepfake detection technology and how they work

  Think you're talking to your boss on Zoom? You might want to think again. Deepfake technology has already cost enterprises millions of dollars. Here's how to fight fire with fire.  Continue Reading

• 10 biggest data breaches in history, and how to prevent them

  Did you know the biggest data breach in history exposed a whopping 3 billion user records? Don't make the same mistakes these companies did in the largest data breaches in history.  Continue Reading

• Incident response for web application attacks

  Web app security is like learning to ride a bike -- expect to struggle before getting it right. But don't be disheartened; learn from prior incidents to improve controls.  Continue Reading

• How to create a data security policy, with template

  When it comes to data security, the devil is in the details. One critical detail organizations shouldn't overlook is a succinct yet detailed data security policy.  Continue Reading

• How to build an effective IAM architecture

  Identity and access management is changing and so must strategies for managing it. Read up on IAM architecture approaches and how to select the best for your organization.  Continue Reading

• The mystery of the $75M ransom payment to Dark Angels

  The Dark Angels gang stole 100 TB of data from a Fortune 50 company last year for a record-setting ransom payment. But the victim organization still hasn't disclosed those details.  Continue Reading

• Symmetric key encryption algorithms and security: A guide

  Scrambling plaintext into ciphertext is essential to ensure data cannot be read or used by the wrong people. Learn the basics of symmetric key encryption algorithms here.  Continue Reading

• 9 secure email gateway options for 2025

  Finding the best email security gateway is vital to protect companies from cyberattacks. Here's a look at some current market leaders and their standout features.  Continue Reading

• Navigate the 2025 threat landscape with expert insights

  AI technology and company employees can serve as both gateways and buffers against cyberthreats. Learn more from expert thought leaders on how to protect your environment in 2025.  Continue Reading

• Identity and access management tools and features for 2025

  The IAM tool marketplace is complex and ever-changing. Learn about key features and how to discern what your organization needs before approaching potential providers.  Continue Reading

• 10 cybersecurity predictions for 2025

  AI will still be a hot topic in 2025, but don't miss out on other trends, including initial access broker growth, the rise of vCISOs, tech rationalization and more.  Continue Reading

• How to configure and customize Kali Linux settings

  Learning how to use Kali Linux for ethical hacking and penetration testing? Read step by step how to configure and customize the distribution.  Continue Reading

• Types of cybersecurity controls and how to place them

  A unilateral cybersecurity approach is ineffective in today's threat landscape. Learn why organizations should implement security controls based on the significance of each asset.  Continue Reading

• Equipment to include in a computer forensic toolkit

  Computer forensic investigators require more than software to do their job. Learn what equipment constitutes a complete computer forensic toolkit.  Continue Reading

• How to build an incident response plan, with examples, template

  With cyberthreats and security incidents growing by the day, every organization needs a solid incident response plan. Learn how to create one for your company.  Continue Reading

• How to define cyber-risk appetite as a security leader

  In this excerpt from 'The CISO Evolution: Business Knowledge for Cybersecurity Executives,' learn how to define and communicate an enterprise's true cyber-risk appetite.  Continue Reading

• 'Defunct' DOJ ransomware task force raises questions, concerns

  A report from the Office of the Inspector General reviewed the U.S. Department of Justice's efforts against ransomware and found its task force was largely ineffective.  Continue Reading

• API security maturity model to assess API security posture

  As API use proliferates, attackers are targeting them to exploit networks and data. This six-domain API security maturity model can assess weaknesses and vulnerabilities.  Continue Reading

• How to prepare for post-quantum computing security

  One of the biggest fears about quantum computing is its ability to easily break current encryption algorithms. Learn why and how to start making quantum security preparations.  Continue Reading

• Infosec experts detail widespread Telegram abuse

  Cybersecurity vendors say threat activity on Telegram has grown rapidly in recent years, and they don't expect the arrest of founder and CEO Pavel Durov to change that trend.  Continue Reading

• Infosec industry calls for more public sector collaboration

  As cyberattacks continue to rise, infosec professionals address the need to increase private and public sector partnerships to assist law enforcement operations.  Continue Reading

• The 5 different types of firewalls explained

  The firewall remains a core fixture in network security. But, with five types of firewalls, three firewall deployment models and multiple placement options, things can get confusing.  Continue Reading

• How the Change Healthcare attack may affect cyber insurance

  UnitedHealth's Change Healthcare attack continued to show the devastating aftermath of supply chain attacks. Experts say it could change contingent language for future policies.  Continue Reading

• The differences between open XDR vs. native XDR

  Extended detection and response tools are open or native. Learn the differences between them, and get help choosing the right XDR type for your organization.  Continue Reading

• How AI-driven SOC tech eased alert fatigue: Case study

  Alert fatigue is real, and it can cause big problems in the SOC. Learn how generative AI can improve security outcomes and reduce analysts' frustration in this case study.  Continue Reading

• How to become a cybersecurity architect

  From help desk support personnel to network admin, learn about the multiple paths that can lead to becoming an effective and knowledgeable cybersecurity architect.  Continue Reading

• CASB vs. CSPM vs. CWPP: Comparing cloud security tool types

  Let's break down some cloud security alphabet soup. CASB, CSPM and CWPP overlap to an extent, but you'll want to pay close attention to how they accomplish different things.  Continue Reading

• What is cloud security management? A strategic guide

  This cloud security guide explains challenges enterprises face today; best practices for securing and managing SaaS, IaaS and PaaS; and comparisons of cloud-native security tools.  Continue Reading

• How AI-driven patching could transform cybersecurity

  At RSAC 2024, a Google researcher described how the search giant has already seen modest but significant success using generative AI to patch vulnerabilities.  Continue Reading

• Lessons learned from high-profile data breaches

  Equifax. Colonial Pipeline. Sony. Target. All are high-profile data breaches, and all offer key lessons to learn that prevent your organization from falling victim to an attack.  Continue Reading

• 3 Keycloak authorization strategies to secure app access

  Keycloak, an open source IAM tool, offers authorization methods, including RBAC, GBAC and OAuth 2.0, that limit what users can access.  Continue Reading

• Why the Keitaro TDS keeps causing security headaches

  Keitaro insists it is on the side of the law, but threat actors continue to flock to the software company's traffic distribution system to redirect users to malicious domains.  Continue Reading

• JetBrains, Rapid7 clash over vulnerability disclosure policies

  In a blog post this week, JetBrains argued that attacks on TeamCity customers were the result of Rapid7 publishing the full technical details of two critical vulnerabilities.  Continue Reading

• Cybersecurity market researchers forecast significant growth

  The cybersecurity market is growing and changing at a rapid pace, leading to major opportunities for vendors, heightened confusion for buyers and new challenges for CISOs.  Continue Reading

• Infosec pros weigh in on proposed ransomware payment bans

  Whether for or against a payment ban, security professionals are concerned regulations could negatively affect victims and result in fewer incident disclosures.  Continue Reading

• Ransomware preparedness kicks off 2024 summit series

  BrightTALK commenced the new year with ransomware readiness, giving viewers workable tips to prevent and recover from a devastating attack. Check out some highlights here.  Continue Reading

• Security executives slam Microsoft over latest breach

  Criticisms about Microsoft's breach include the lack of multifactor authentication on the targeted account and the company's approach to disclosing information about the attack.  Continue Reading

• Top 10 types of information security threats for IT teams

  Know thine enemy -- and the common security threats that can bring an unprepared organization to its knees. Learn what these threats are and how to prevent them.  Continue Reading

• Top benefits and challenges of SOAR tools

  To ensure successful adoption, IT leaders need to understand the benefits of SOAR tools, as well as potential disadvantages. Explore pros, cons and how to measure SOAR success.  Continue Reading

• Top incident response service providers, vendors and software

  Get help deciding between using in-house incident response software or outsourcing to an incident response service provider, and review a list of leading vendor options.  Continue Reading

• CISOs on alert following SEC charges against SolarWinds

  The Securities and Exchange Commission announced charges against SolarWinds and its CISO in October, but will it help improve transparency or simply scare infosec executives?  Continue Reading

• How to create a CSIRT: 10 best practices

  The time to organize and train a CSIRT is long before a security incident occurs. Certain steps should be followed to create an effective, cross-functional team.  Continue Reading

• 10 types of security incidents and how to prevent them

  Cyberattacks are more varied and numerous than ever. Learn the key signs of common security incidents and how to respond to keep systems and data safe.  Continue Reading

• How to fix the top 5 cybersecurity vulnerabilities

  Check out how to fix five top cybersecurity vulnerabilities to prevent data loss from poor endpoint security, ineffective network monitoring, weak authentication and other issues.  Continue Reading

• Top 30 incident response interview questions

  Job interviews are nerve-wracking, but preparation can minimize jitters and position you to land the role. Get started with these incident response interview questions and answers.  Continue Reading

• Top incident response tools: How to choose and use them

  The OODA loop helps organizations throughout the incident response process, giving insight into the incident response tools needed to detect and respond to security events.  Continue Reading

• How to become an incident responder: Requirements and more

  Incident response is a growth area that provides career advancement options and a good salary. Here's an in-depth look at job requirements, salaries and available certifications.  Continue Reading

• 10 of the biggest zero-day attacks of 2023

  There were many zero-day vulnerabilities exploited in the wild in 2023. Here's a look at 10 of the most notable and damaging zero-day attacks last year.  Continue Reading

• 9 cybersecurity trends to watch in 2024

  Analysts are sharing their cybersecurity trends and predictions for 2024. From zero-day attacks to generative AI security and increased regulations, is your organization ready?  Continue Reading

• The reality behind bypassing EDR attempts

  Attackers have their work cut out for them when it comes to bypassing EDR. Learn about the difficulty of EDR evasion and how to ensure EDR tools catch all threats.  Continue Reading

• How EDR systems detect malicious activity

  Endpoint detection and response tools help SOCs separate benign events from malicious activity. Learn how this EDR function works.  Continue Reading

• How to solve 2 MFA challenges: SIM swapping and MFA fatigue

  While MFA improves account security, attacks still exploit it. Learn about two MFA challenges -- SIM swapping and MFA fatigue -- and how to mitigate them.  Continue Reading

• 5 MFA implementation tips for organizations

  Organizations need to protect user accounts from malicious attackers. IAM expert Marco Fanti offers tips organizations can use when implementing MFA.  Continue Reading

• How passwordless authentication aids identity security

  Enterprise Strategy Group's Jack Poller discusses survey results on user authentication practices and explains the security benefits of passwordless methods.  Continue Reading

• Cybersecurity budgets lose momentum in uncertain economy

  Organizations' increasing prioritization of cybersecurity has protected most programs from major budget cuts. Even so, many CISOs are feeling the pinch.  Continue Reading

• SD-WAN deployments feed SASE network and security convergence

  Enterprise Strategy Group's Bob Laliberte discusses the latest findings in his newly released report and why SD-WAN's direct cloud connectivity feeds SASE business initiatives.  Continue Reading

• What does an IT security manager do?

  IT security managers need to have a passion for learning and critical thinking skills, as well as understand intrusion prevention and detection.  Continue Reading

• Top 10 tips for employees to prevent phishing attacks

  Share this list of phishing techniques, detection and prevention tips, and best practices to help employees avoid falling victim to phishing schemes.  Continue Reading

• Security posture management a huge challenge for IT pros

  Enterprise Strategy Group's John Oltsik explains why executing security hygiene and posture management at scale remains an uphill battle for organizations, despite automation.  Continue Reading

• Secure service edge strengths drive SASE deployments

  Enterprise Strategy Group's John Grady discusses the latest findings in his newly released report and why businesses won’t start a SASE initiative without first implementing SSE.  Continue Reading

• How to create a SOAR playbook in Microsoft Sentinel

  Using automation through tools such as SOAR and SIEM can improve incident response alert efficiency. One automated feature analysts can use is the SOAR playbook.  Continue Reading

• How SOAR helps improve MTTD and MTTR metrics

  By automating initial incident response tasks, SOAR can help SOC analysts improve MTTD and MTTR metrics and ensure they focus on true positive alerts.  Continue Reading

• How to use dynamic reverse engineering for embedded devices

  In this excerpt from 'Practical Hardware Pentesting,' read step-by-step instructions on how to find vulnerabilities on IoT devices using dynamic reverse engineering.  Continue Reading

• Adopt embedded penetration testing to keep IoT devices secure

  Regular embedded penetration testing can help discover vulnerabilities before attackers do. The author of 'Practical Hardware Pentesting' explains.  Continue Reading

• Why using ransomware negotiation services is worth a try

  If stakeholders decide to pay ransom demands, using a ransomware negotiation service could improve the situation's outcome and lower the payout.  Continue Reading

• Infosec experts divided on SEC four-day reporting rule

  Professionals in the cybersecurity industry voiced concerns and praises of new incident disclosure rules that allow companies four days to report a "material" cyber attack.  Continue Reading

• Enterprise communication security a growing risk, priority

  Enterprise Strategy Group's Dave Gruber discusses survey results on security threats related to the use of email and other communication and collaboration tools.  Continue Reading

• Ransomware case study: Recovery can be painful

  In ransomware attacks, backups can save the day and the data. Even so, recovery can still be expensive and painful, depending on the approach. Learn more in this case study.  Continue Reading

• How to map security gaps to the Mitre ATT&CK framework

  Mapping security gaps to the Mitre ATT&CK framework enables SOC teams to prioritize, remediate and eliminate vulnerabilities before malicious actors exploit them.  Continue Reading

• Wi-Fi AP placement best practices and security policies

  From a security standpoint, Wi-Fi network designers should consider the physical and logical placement of APs, as well as management, segmentation and rogue devices.  Continue Reading

• Get started: Threat modeling with the Mitre ATT&CK framework

  The Mitre ATT&CK framework may seem daunting at first, but it is a key tool that helps SOC teams conduct threat modeling. Learn how to get started.  Continue Reading

• Blockchain security: Everything you should know for safe use

  Despite its reputation, blockchain is subject to many of the same vulnerabilities as other software. It helps to have a clear idea of its inherent strengths and weaknesses.  Continue Reading

• Attack surface reduction rules for Microsoft productivity apps

  Attack surface reduction rules in Microsoft Defender for Endpoint help prevent apps from launching executable files and scripts, running suspicious scripts and more.  Continue Reading

• Manage security posture with Microsoft Defender for Endpoint

  Organizations need to implement security posture management to ensure their cybersecurity strategy can address malicious actions inside and out.  Continue Reading

• Vendors: Threat actor taxonomies are confusing but essential

  Despite concern about the proliferation of naming taxonomies used to identify threat groups, vendors say they are crucial their understanding and visibility into threat activity.  Continue Reading