News, Insight and Analysis

News

• Head of Instagram faces Senate committee grilling

  U.S. Senators are calling for greater regulation of tech companies and social media platforms like Instagram. Continue Reading

• Amazon's harms to small businesses get Senate airing

  Amazon's business practices are facing scrutiny not just in the U.S., but also around the globe. Amazon was hit with a record $1.28 billion antitrust fine this week. Continue Reading

• Planning key to navigating a U.S. government shutdown

  Federal contractors and IT vendors should brush up on plans to navigate a government shutdown as a Dec. 3 funding deadline approaches. Continue Reading

• DOD invites Google, Oracle to bid on JWCC cloud contract

  Google has been invited to bid on the Department of Defense's Joint Warfighter Cloud Capability multi-vendor contract. One analyst says Google is well set up to be a contender. Continue Reading

• US-China commission recommends business transparency

  The U.S. China commission recommended that businesses be transparent about their Chinese operations as both companies and Congress face tough policy and regulatory hurdles. Continue Reading

Get Started

• Top 15 IT security frameworks and standards explained

  Several IT security frameworks and standards exist to help protect company data. Here's advice for choosing the right ones for your organization. Continue Reading

• 22 free cybersecurity tools you should know about

  Cybersecurity products can get pricy, but there are many excellent open source tools to help secure your systems and data. Here's a list of some of the most popular. Continue Reading

• ERM implementation: How to deploy a framework and program

  Enterprise risk management helps organizations proactively manage risks. Here's a look at ERM frameworks that can be used and key steps for implementing a program. Continue Reading

• How to create a remote access policy, with template

  Remote work, while beneficial, presents numerous security risks. Help keep your organization's systems safe with a remote access policy. Continue Reading

• The 5 different types of firewalls explained

  The firewall remains a core fixture in network security. But, with five types of firewalls, three firewall deployment models and multiple placement options, things can get confusing. Continue Reading

Evaluate

• Ransomware payments: Considerations before paying

  To pay or not to pay -- that's the question after a ransomware attack. Law enforcement recommends against it, but that doesn't stop some companies from paying up. Continue Reading

• 17 potential costs of shadow IT

  Companies should be vigilant and consider the significant costs associated with shadow IT. Learn about these overlooked issues and how they affect the organization. Continue Reading

• What are the pros and cons of shadow IT?

  The increase of generative AI, digital natives and remote work drives the rise of shadow IT. CIOs and IT leaders should evaluate the pros and cons to mitigate potential risks. Continue Reading

• Top incident response service providers, vendors and software

  Get help deciding between using in-house incident response software or outsourcing to an incident response service provider, and review a list of leading vendor options. Continue Reading

• Top zero-trust use cases in the enterprise

  Still hesitating to adopt zero trust? Learn about the main zero-trust use cases, as well as its benefits, myths and trends that are beginning to emerge. Continue Reading

Manage

• Red vs. blue vs. purple team: What are the differences?

  Red teams attack, blue teams defend and purple teams facilitate collaboration. Together, they strengthen cybersecurity through simulated exercises and knowledge sharing. Continue Reading

• How to build a cybersecurity culture across your business

  As a company's cyber-risks evolve, so must its culture. Follow these tips to create a strong cybersecurity culture that helps protect your organization from cyberthreats. Continue Reading

• 10 cybersecurity best practices for organizations in 2025

  To improve your organization's cybersecurity program, follow these best practices to safeguard your infrastructure and ensure a quick recovery after a breach. Continue Reading

• 10 key cybersecurity metrics and KPIs your board wants tracked

  Security leaders need cybersecurity metrics to track their programs and inform decision-makers. These 10 metrics and KPIs provide a good foundation for tracking essential activity. Continue Reading

• 5 advantages and 6 disadvantages of open source software

  Open source software is popular with both small and large organizations, and for good reason. But CIOs should understand which situations works best for this lower cost option. Continue Reading

Problem Solve

• Enterprise cybersecurity hygiene checklist for 2025

  Enterprise cybersecurity hygiene must be a shared responsibility between employees and employers. Learn how both can get the job done with this checklist. Continue Reading

• Stop phishing with help from updated DMARC policy handling

  Exchange admins got a boost from Microsoft when it improved how it handles DMARC authentication failures to help organizations fight back from email-based attacks on their users. Continue Reading

• How to rank and prioritize security vulnerabilities in 3 steps

  Vulnerability management programs gather massive amounts of data on security weaknesses. Security teams should learn how to rank vulnerabilities to quickly fix the biggest issues. Continue Reading

• How to build a shadow IT policy to reduce risks, with template

  With a shadow IT policy in place, organizations reduce security risks from unapproved applications and services that employees introduce independently. Continue Reading

• Top 6 challenges of a zero-trust security model

  Zero trust has a number of challenges, but because the model is highly beneficial, it's important for organizations to learn how to overcome them. Continue Reading