Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

The Israeli startup raises new capital to build technology that automates the security and management of SaaS applications. [Read More]
The funding will help the company expand its third-party identity risk platform and will support growth in existing and new markets. [Read More]
Senators have introduced a new bill that would require critical infrastructure organizations to report cyberattacks to CISA, and private entities to report ransomware payments. [Read More]
Researchers discover a threat actor setting up a fake Amnesty International website to distribute phony anti-virus software. [Read More]
By responding to a series of questions, organizations can check whether they are vulnerable to insider threats. [Read More]
Mariana Trench is an open-source tool that Facebook's security team has used internally to identify vulnerabilities in Android and Java applications. [Read More]
CISA is telling organizations to patch their Hikvision cameras, just as the FCC announced taking steps toward removing Chinese equipment from U.S. networks. [Read More]
Cyber insurance company Coalition has raised $205 million at a $3.5 billion valuation. The firm has raised more than $500 million to date. [Read More]
Broken Access Control becomes the top category with the most commonly encountered Common Weakness Enumerations (CWEs). [Read More]
The four countries will support new initiatives to improve the resilience of critical infrastructure against cyberattacks. [Read More]

FEATURES, INSIGHTS // Risk Management

rss icon

Gunter Ollmann's picture
In the merry-go-round world of InfoSec technologies and “what’s old is new again,” this year we should include Attack Surface Management with a dash of Continuous.
Laurence Pitt's picture
School network administrators should be taking precautions to prepare for the new challenges of the upcoming academic year.
Torsten George's picture
Cyber resilience can be considered a preventive measure to counteract human error, malicious actions, and decayed, insecure software.
Yaniv Vardi's picture
Supply chain cyber risk is complicated and spans the entire lifecycle of a product—across design, manufacturing, distribution, storage, and maintenance.
AJ Nash's picture
For companies trying to build new or mature existing intelligence programs, the Age of COVID has been an excellent time to capture 30-60 minutes with that hard-to-find manager
Torsten George's picture
While the SolarWinds hack is not the first supply chain attack to make headlines, its sophistication and blast radius is forcing organizations to consider how they can minimize their exposure to these types of threats in the future.
AJ Nash's picture
As you build your cyber intelligence program – and have all the vendors lined up to take your money – don’t overlook the importance of investing in the right people.
Laurence Pitt's picture
Many security teams will have to reduce budget against projects scheduled for 2021, with funds being re-allocated to pandemic-related business and workforce enablement
Tim Bandos's picture
Keeping a ‘six foot distance’ between our digital home life and digital work life can go a long way when it comes to safeguarding our most sensitive data, too.
AJ Nash's picture
Knowing that threat intelligence is readily available and proving its worth is one thing, understanding how to use it within your security operations program is quite another.