Information security policies, procedures and guidelines news, help and research

Information security policies, procedures and guidelines News

August 19, 2021 19 Aug'21
CISA offers ransomware response guidelines to organizations

In its new ransomware prevention and response guide, CISA 'strongly discourages paying a ransom,' citing the potential to embolden threat actors and fund illicit activity.
August 05, 2021 05 Aug'21
Researchers argue action bias hinders incident response

A Black Hat 2021 session focused on the human instinct to act immediately after a cyber attack and how that can negatively impact incident response.
August 05, 2021 05 Aug'21
CISA director announces 'Joint Cyber Defense Collaborative'

The Joint Cyber Defense Collaborative, or JCDC, is a partnership between the public and private sectors to create and implement comprehensive national cybersecurity plans.
July 21, 2021 21 Jul'21
Guide to the latest Black Hat 2021 Conference news

This Black Hat 2021 guide offers readers breaking news, trending topics and technical expert insights from one of the leading cybersecurity conferences.

Bring yourself up to speed with our introductory content

security policy

A security policy is a document that states in writing how a company plans to protect its physical and information technology (IT) assets. Continue Reading
How to use the NIST framework for cloud security

Aligning the NIST Cybersecurity Framework with cloud services such as AWS, Azure and Google Cloud can improve cloud security. Read how to best use the framework for the cloud. Continue Reading
What is cybersecurity?

Cybersecurity is the protection of internet-connected systems such as hardware, software and data from cyberthreats. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

Why companies should use AI for fraud management, detection

AI is involved in many cybersecurity processes. Now it's making inroads in fraud management and detection. The benefits, however, are not without AI's nagging bias challenge. Continue Reading
The differences between open XDR vs. native XDR

With extended detection and response, security teams get improved threat analytics and response capabilities. Here's what they need to know to choose the right type of XDR. Continue Reading
Inept cybersecurity education and training feed into skills gap

Learn why former infosec instructor and author of 'How Cybersecurity Really Works' advocates for changes to security education and training to alleviate the industry skills gap. Continue Reading

Learn to apply best practices and optimize your operations.

7 tips for building a strong security culture

Cybersecurity isn't just IT's responsibility. Use these seven tips to build a security culture where employees and IT work together to keep their organization safe. Continue Reading
Automate app security with SaaS security posture management

Keeping track of cloud application security settings and configurations businesswide is no easy task. Automate this cumbersome task with SSPM. Continue Reading
Cybersecurity contingency planning needs a face-lift

Following the unexpected craziness of 2020, companies need to sit down and revamp their cybersecurity contingency plan to ensure their business continuity. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

Collaboration tool security: How to avoid common risks

As the use of collaborations tools and platforms surges, new research from Metrigy emphasizes organizations need to focus on collaboration tool security to reduce risk. Continue Reading
Use business email compromise training to mitigate risk

Effective BEC training can prevent scams designed to exploit the brain's automatic responses. It starts by teaching employees to slow down and make the unconscious conscious. Continue Reading
5 cybersecurity lessons from the SolarWinds breach

Ransomware attack simulations, accessing enterprise logs and pen testing software code are among the best practices cybersecurity pros suggest following the SolarWinds breach. Continue Reading