Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Microsoft says its security teams have detected zero-day exploitation of a critical vulnerability in its flagship Windows platform. [Read More]
The new sanctions designate Iran’s Ministry of Intelligence and Security (MOIS) and its Minister of Intelligence for engaging in cyber-enabled activities against the United States and its allies. [Read More]
Microsoft security teams share details on ransomware attacks linked to DEV-0270, a subgroup of Iran-linked Phosphorus. [Read More]
The latest funding was led by CIBC Innovation Banking and brings the total raised by the Maryland start-up to $100 million. [Read More]
Forty-one cybersecurity-related M&A deals were announced in August 2022. [Read More]
Zyxel has released patches for a format string vulnerability impacting the firmware of multiple NAS device models. [Read More]
A group of academic researchers have designed an open source Node.js vulnerability hunting tool that has already identified 180 security flaws. [Read More]
Atlassian said the vulnerability carries a CVSS severity score of 9.9 out of 10 and can be exploited remotely to launch code execution attacks. [Read More]
Password management software firm LastPass has suffered a data breach that led to the theft of source code and proprietary technical information. [Read More]
Texas startup BalkanID scores additional financing for technology in the Identity Governance and Administration (IGA) space. [Read More]

FEATURES, INSIGHTS // Risk Management

rss icon

Marie Hattar's picture
It is a good idea to assume that your network has already been breached, even if no overtly malicious notifications have surfaced.
Marc Solomon's picture
You risk limiting the value you can derive from your next security investment without first thinking about your top use cases and the capabilities needed to address them.
Torsten George's picture
While it might be overwhelming to look at the critical threats on the horizon you need to prepare for, focusing on these predictions for 2022 will help you strengthen your security posture and minimize your organization’s risk exposure.
Torsten George's picture
Before the next Cybersecurity Awareness Month comes along, companies across all industries should consider moving to a Zero Trust approach, powered by additional security measures such as MFA and endpoint resilience.
William Lin's picture
While there still isn’t a clear industry-accepted answer to Vendor risk management (VRM), there has been more interest in staying on top of and learning about the latest in this space.
Landon Winkelvoss's picture
In addition to evaluating the core capabilities and range of intelligence monitoring, organizations must consider data source integrity, and perhaps most importantly, the level of expert analysis included with each service.
Keith Ibarguen's picture
Far too many engineers in the trenches don’t take the time to lift their heads to see context, so when good (and bad) things happen, this is a great management opportunity that you should take full advantage of.
Landon Winkelvoss's picture
Security and intelligence teams often lack finished intelligence, which leaves them ill-equipped to combat motivated and sophisticated adversaries.
William Lin's picture
After every company goes through digital transformation, their threat model will change in response.
Derek Manky's picture
As we see an increasing number of recent attacks against critical infrastructure – cybersecurity and physical security can be intrinsically linked.