Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

A global study of 550 organizations finds the average cost of a data breach reaching all-time high of $4.35 million as businesses struggle with ransomware and lack of zero trust principles. [Read More]
At its re:Inforce 2022 conference, AWS announced several enhancements to its cloud security, privacy and compliance offerings, and the launch of a new Customer Incident Response Team (CIRT). [Read More]
Reports say a Greek lawmaker in the European Parliament was targeted with malicious links trying to plant the Predator spyware program. [Read More]
A study of the evolution of cybercrime suggests the threat will only get worse as financially motivated malware gangs start to mimic the operations of legitimate businesses. [Read More]
Prominent cybersecurity executive Katie Moussouris is calling on the U.S. government to resist the urge to match China’s reported mandates around early vulnerability disclosure directly to the government. [Read More]
Redmond's Salus tool works across platforms including Windows, Linux, and Mac to generate SBOMs based on the SPDX specification. [Read More]
Microsoft issues an urgent Patch Tuesday bulletin to warn of in-the-wild zero-day exploitation of a privilege escalation flaw in the Windows operating system. [Read More]
Adobe rolls out a major security update for its flagship Acrobat and Reader products to fix at least 22 documented security vulnerabilities. [Read More]
Emsisoft has released free decryptors for the AstraLocker ransomware variants to help victims recover data. [Read More]
Election officials preparing for the upcoming midterms face a myriad of threats, both foreign and domestic, as they look to protect voting systems and run a smooth election while fighting a wave of misinformation. [Read More]

FEATURES, INSIGHTS // Risk Management

rss icon

Jeff Orloff's picture
The Defense Readiness Index is a reliable alternative for assessing a security team’s skill level, developing a roadmap for improving cyber competencies, and reaching the optimal level of cyber security readiness.
Gordon Lawson's picture
The surge of cyber attacks in 2021 was a wake-up call for consumers, who felt the firsthand effects that can result from a breach.
Torsten George's picture
Organizations need to look beyond preventive measures when it comes to dealing with today’s ransomware threats and invest in ransomware response, which improves their ability to prepare and quickly recover endpoints from ransomware attacks.
Landon Winkelvoss's picture
Many think open source intelligence is just another name for better googling. They are wrong. Good open source and threat intelligence are derived from three core capabilities.
Keith Ibarguen's picture
Vendor agnostic technology, married with actionable, globally-sourced, and continually evolving intelligence, augmented by humans, is needed to defend our enterprises.
Laurence Pitt's picture
There are areas where governments can learn from the private sector and vice-versa, which will help both sides adapt more quickly and effectively to a continuously evolving threat environment.
Torsten George's picture
Schools should take measures to identify and secure sensitive data, keep devices up-to-date, and ensure that their endpoint security controls are working.
Gordon Lawson's picture
The rise of social engineering tactics as well as risks associated with embedded vulnerabilities in contractor networks makes keeping this technology confidential and out of the hands of adversaries increasingly difficult.
Torsten George's picture
Cyber resiliency measures (i.e., architectural design, technologies, operational practices) assume that today’s threat actors can achieve a foothold in an organization’s infrastructure and in turn post-exploit activities must be contained and eliminated.
Landon Winkelvoss's picture
The security industry must commit to a risk-based approach that understands the specific attacks and actors targeting their industry and profile.