Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Cisco has issued another warning over the use of counterfeit switches, advising customers to update the software on devices before they are onboarded. [Read More]
Mandiant warns that a new threat actor is using backdoors to remain undetected for "an order of magnitude longer than the average dwell time of 21 days in 2021." [Read More]
Traceable AI, a startup building technology to reduce attack surfaces in APIs, has banked a new $60 million funding round that values the company at $450 million. [Read More]
Researchers at Microsoft find a way to exploit for a pair of privilege escalation flaws to plant a root backdoor on Linux systems. [Read More]
Strider closes a $45 million Series B funding round led by Valor Equity Partners. [Read More]
German wind turbine giant Deutsche Windtechnik discloses disruptive ransomware compromise. [Read More]
CISA has added former DNC and Yahoo CISO Bob Lord to its stable of technical advisors. [Read More]
South American startup Strike Security has secured $5.4 million to fund an ambitious plan to disrupt the penetration testing and attack surface management business. [Read More]
Motorola Solutions announces the Public Safety Threat Alliance, a cyber threat intelligence sharing hub for the public safety community. [Read More]
Google and Mandiant separately warn that nation-state APT actors, ransomware gangs and private mercenary exploit firms are burning through zero-days at record pace. [Read More]

FEATURES, INSIGHTS // Risk Management

rss icon

Marc Solomon's picture
You risk limiting the value you can derive from your next security investment without first thinking about your top use cases and the capabilities needed to address them.
Torsten George's picture
While it might be overwhelming to look at the critical threats on the horizon you need to prepare for, focusing on these predictions for 2022 will help you strengthen your security posture and minimize your organization’s risk exposure.
Torsten George's picture
Before the next Cybersecurity Awareness Month comes along, companies across all industries should consider moving to a Zero Trust approach, powered by additional security measures such as MFA and endpoint resilience.
William Lin's picture
While there still isn’t a clear industry-accepted answer to Vendor risk management (VRM), there has been more interest in staying on top of and learning about the latest in this space.
Landon Winkelvoss's picture
In addition to evaluating the core capabilities and range of intelligence monitoring, organizations must consider data source integrity, and perhaps most importantly, the level of expert analysis included with each service.
Keith Ibarguen's picture
Far too many engineers in the trenches don’t take the time to lift their heads to see context, so when good (and bad) things happen, this is a great management opportunity that you should take full advantage of.
Landon Winkelvoss's picture
Security and intelligence teams often lack finished intelligence, which leaves them ill-equipped to combat motivated and sophisticated adversaries.
William Lin's picture
After every company goes through digital transformation, their threat model will change in response.
Derek Manky's picture
As we see an increasing number of recent attacks against critical infrastructure – cybersecurity and physical security can be intrinsically linked.
Rob Fry's picture
We are a community with grand ideas around the concept of crowdsourced threat intel (CTI), but with little history or previous successes that show CTI as a viable idea.