Management & Strategy

Positive Technologies is one of the Russian tech companies sanctioned by the United States for supporting Kremlin intelligence agencies engaged in “dangerous and disruptive cyber attacks.”
Google Project Zero announces changes to its vulnerability disclosure policy, and says it will give users more time to install patches before disclosing bug details.
A software supply chain attack against a widely used continuous integration (CI) software development tool went undetected for four months and now security teams are scrambling to figure out which sensitive secrets were stolen.
A majority of the largest energy companies in the US don’t properly protect their domain names, according to a new report.
NVIDIA unveils Morpheus, a cloud-native application framework designed to help cybersecurity providers analyze more data without sacrificing performance.
Capcom says data of 15,649 people was compromised and its internal systems are close to being completely restored.
Despite the coronavirus pandemic, 2020 was a record year for cybersecurity in terms of VC funding, reaching $7.8 billion invested globally.
FBI agents executed a court-authorized cyber operation to delete malicious web shells from hundreds of previously hacked Microsoft Exchange servers in the United States, unbeknownst to their owners.
A new Google Chrome point-update patches a pair of under-attack security vulnerabilities affecting Windows, macOS and Linux users.
A former Kansas utility worker has been charged with remotely tampering with a public water system’s cleaning procedures, highlighting the difficulty smaller utilities face in protecting against hackers.

FEATURES, INSIGHTS // Management & Strategy

Gordon Lawson: Everyone is familiar with the three legs of the cybersecurity stool: people, processes and technology. But most companies typically invest in just one area – technology.
AJ Nash: Even if the best strategies and policies are created and uniformly agreed upon across all government and private sector domains, none of that will matter if the talent to execute does not exist.
Tim Bandos: While it’d be impossible to dig into all of the requests I’ve received over the years, here are some of the types of requests we’ve received that may make sense for you to ask your own managed security provider.
Gunter Ollmann: Once live stomping around vendor-packed expo halls at security conferences returns, it is highly probable that “Virtual Analyst” will play a starring role in buzzword bingo.
William Lin: “What’s hot right now in security?” is one of the most common questions I hear from CISOs, vendors and VCs alike.
Marc Solomon: To gain a comprehensive understanding of the threats you are facing and what you must defend, you need to start by aggregating internal data from across the entire ecosystem.
Torsten George: Cyber resilience can be considered a preventive measure to counteract human error, malicious actions, and decayed, insecure software.
Yaniv Vardi: Supply chain cyber risk is complicated and spans the entire lifecycle of a product—across design, manufacturing, distribution, storage, and maintenance.
Marc Solomon: The center of gravity of the Security Operations Center (SOC) used to be the SIEM, but this is shifting as the mission of the SOC shifts to become a detection and response organization.
Marc Solomon: The pandemic has resulted in security team members and teams working better together, as well as more closely with other departments and with industry sharing groups.