Positive Technologies is one of the Russian tech companies sanctioned by the United States for supporting Kremlin intelligence agencies engaged in “dangerous and disruptive cyber attacks.” [Read More]
Google Project Zero announces changes to its vulnerability disclosure policy, and says it will give users more time to install patches before disclosing bug details. [Read More]
A software supply chain attack against a widely used continuous integration (CI) software development tool went undetected for four months and now security teams are scrambling to figure out which sensitive secrets were stolen. [Read More]
NVIDIA unveils Morpheus, a cloud-native application framework designed to help cybersecurity providers analyze more data without sacrificing performance. [Read More]
Despite the coronavirus pandemic, 2020 was a record year for cybersecurity in terms of VC funding, reaching $7.8 billion invested globally. [Read More]
FBI agents executed a court-authorized cyber operation to delete malicious web shells from hundreds of previously hacked Microsoft Exchange servers in the United States, unbeknownst to their owners. [Read More]
A former Kansas utility worker has been charged with remotely tampering with a public water system’s cleaning procedures, highlighting the difficulty smaller utilities face in protecting against hackers. [Read More]
Everyone is familiar with the three legs of cybersecurity stool: people, processes and technology. But most companies typically invest in just one area – technology.
Even if the best strategies and policies are created and uniformly agreed upon across all government and private sector domains, none of that will matter if the talent to execute does not exist.
While it’d be impossible to dig into all of the requests I’ve received over the years, here are some of the types of requests we’ve received that may make sense for you to ask your own managed security provider.
Once live stomping around vendor-packed expo halls at security conferences returns, it is highly probable that “Virtual Analyst” will play a starring role in buzzword bingo.
To gain a comprehensive understanding of the threats you are facing and what you must defend, you need to start by aggregating internal data from across the entire ecosystem
Supply chain cyber risk is complicated and spans the entire lifecycle of a product—across design, manufacturing, distribution, storage, and maintenance.
The center of gravity of the Security Operations Center (SOC) used to be the SIEM, but this is shifting as the mission of the SOC shifts to become a detection and response organization.
The pandemic has resulted in security team members and teams working better together, as well as more closely with other departments and with industry sharing groups.