Get started

Data security strategies and governance

• New network traffic analysis tools focus on security

  Companies have used traffic data analytics to improve bandwidth and network performance. Now, though, a new class of tools taps network data to improve security. Continue Reading

• Network traffic analysis tools secure a new, crucial role

  Gartner just produced its first-ever guide to network traffic analytics security tools. Learn how the analysis of network traffic is broadening to include network security. Continue Reading

• How does an island hopping attack work?

  Hackers know better than to directly attack a well-defended target; learn how they use island hopping attack strategies to elude defenders -- and how best to repel them. Continue Reading

• 5 ways to achieve a risk-based security strategy

  Learn five steps to implement a risk-based security strategy that naturally delivers compliance as a consequence of an improved security posture. Continue Reading

• Top 7 IT security frameworks and standards explained

  Several IT security frameworks and cybersecurity standards are available to help protect company data. Here's advice for choosing the right one for your organization. Continue Reading

• Definitions to Get Started

  • identity and access management (IAM)
  • information security (infosec)
  • steganography
  • pen test (penetration testing)

  • honeypot (computing)
  • National Security Agency (NSA)
  • physical security
  • user account provisioning

  View All Definitions

• identity and access management (IAM)

  Identity and access management (IAM) is a framework of business processes, policies and technologies that facilitates the management of electronic or digital identities.Continue Reading

• Huawei ban highlights 5G security issues CISOs must tackle

  Why worry over Huawei? A U.S. ban of this Chinese company's products should remind CISOs that now is the time to consider security issues related to the rollout of the 5G network.Continue Reading

• information security (infosec)

  Information security (infosec) is a set of strategies for managing the processes, tools and policies necessary to prevent, detect, document and counter threats to digital and non-digital information.Continue Reading

• How to perform an ICS risk assessment in an industrial facility

  An important step to secure an industrial facility is performing an ICS risk assessment. Expert Ernie Hayden outlines the process and why each step matters.Continue Reading

• steganography

  Steganography (pronounced STEHG-uh-NAH-gruhf-ee, from Greek steganos, or "covered," and graphie, or "writing") is the hiding of a secret message within an ordinary message and the extraction of it at its destination.Continue Reading

• pen test (penetration testing)

  Penetration testing, also called pen testing or ethical hacking, is the practice of testing a computer system, network or web application to find security vulnerabilities that an attacker could exploit.Continue Reading

• honeypot (computing)

  A honeypot is a network-attached system set up as a decoy to lure cyberattackers and to detect, deflect or study hacking attempts in order to gain unauthorized access to information systems.Continue Reading

• Cybersecurity defense in depth means more than ticking boxes

  F-Secure's Tom Van de Wiele explains the realities of cybersecurity defense in depth, and why companies need to have the right attitude to defend against cyberattacks.Continue Reading

• How to do risk management in cybersecurity using ERM

  Perfect security is impossible, but using risk management in cybersecurity using a range of strategies can significantly reduce your organization’s risk.Continue Reading

• Cyber-risk strategies and models for a post-perimeter age

  Cyber-risky business: The notion of the security perimeter has grown quaint. If a firewall is insufficient, where does IT turn to answers on how to protect assets?Continue Reading