Features

Features

Information security risk management

• Your third-party risk management best practices need updating

  Organizations must modernize third-party risk management best practices to adapt to the changing technology landscape. Diversify risk assessments with these expert tips.  Continue Reading

• Top tips for using the Kali Linux pen testing distribution

  It's the best Linux distro for penetration testers' toolkits, but it's not just any Linux. Get tips on Kali Linux pen testing from project lead Jim O'Gorman.  Continue Reading

• Using DNS RPZ to pump up cybersecurity awareness

  Combining DNS with threat intelligence feeds could hold a key to improving cybersecurity awareness by educating users who attempt to access potentially malicious websites.  Continue Reading

• New evasive spear phishing attacks bypass email security measures

  Researchers identified a new email security threat: evasive spear phishing attacks, which take months of investigation and social engineering to coordinate.  Continue Reading

• How does AttackSurfaceMapper help with attack surface mapping?

  A new open source pen testing tool expedites attack surface mapping -- one of the most important aspects of any penetration testing engagement.  Continue Reading

• How to identify and evaluate cybersecurity frameworks

  Not all frameworks for cybersecurity are equal. ESG's Jon Oltsik explains what attributes make a cybersecurity framework and how to go about choosing and using one.  Continue Reading

• Why is third-party risk management essential to cybersecurity?

  Attackers know third parties hold many of the keys to the enterprise network, so third-party risk management is crucial for security professionals.  Continue Reading

• Lack of cybersecurity skills fuels workforce shortage

  Cybersecurity researcher Bob Duhainy discusses the cybersecurity skills shortage and provides suggestions about how companies can close the gap to avoid future risk.  Continue Reading

• For board of directors, cybersecurity literacy is essential

  For boards of directors to meet their business goals, CISOs need a seat at the table. Through her initiative BoardSuited, Joyce Brocaglia aims to pave the way.  Continue Reading

• Fitting cybersecurity frameworks into your security strategy

  Whatever an organization's culture, effective use of a security framework requires understanding business goals and program metrics, and demands leadership communication.  Continue Reading

• Tackling IT security awareness training with a county CISO

  A Michigan county CISO says government workers are under siege by cybercriminals. In this case study, he shares how his IT security awareness training strategy has evolved.  Continue Reading

• Digital transformation redefines cybersecurity skills, careers

  The move toward digital business processes has forced companies to reconsider how they find cybersecurity talent, but finding the right skills may be easier than CISOs think.  Continue Reading

• Portrait of a CISO: Roles and responsibilities

  Success in the role of CISO requires security experts to wear many hats. Couple that with changes in compliance regulations and sophisticated cyberthreats, and CISOs are left with a full plate.  Continue Reading

• Comparing EDR tools: Cybereason vs. CrowdStrike vs. Carbon Black

  Learn how tools from leading EDR vendors Cybereason, CrowdStrike and Carbon Black compare when it comes to helping security teams fight endpoint threats and respond to incidents.  Continue Reading

• Top incident response tools to boost network protection

  Incident response tools can help organizations identify, prevent and respond to malware exploits, ransomware and other targeted cybersecurity attacks.  Continue Reading