Security Experts:

Management & Strategy
long dotted

NEWS & INDUSTRY UPDATES

Early stage cyber deals continue to surge in terms of valuation and round size, and cyber may be more resilient to economic conditions compared to other verticals. [Read More]
Application security startup StackHawk raises $20.7 million in a new investment round co-led by Sapphire Ventures and Costanoa Ventures. [Read More]
Omnicell noted in a Form 10-Q filing with the US SEC that the incident impacted internal systems and products and services. [Read More]
Microsoft patches at least 73 documented security flaws in the Windows ecosystem and warned that unknown attackers are already launching zero-day man-in-the-middle attacks. [Read More]
Israeli venture capital outfit YL Ventures plans to invest in seed-stage rounds of approximately 10 cybersecurity startups at a pace of 3 startups per year [Read More]
IoCs and other resources have been made available for the actively exploited BIG-IP vulnerability tracked as CVE-2022-1388. [Read More]
Microsoft launched new managed services styled as a combination of technologies, threat intelligence and skilled personnel to help businesses hunt for signs of compromise or outsource the handling of detection and response incidents. [Read More]
One year after the cyberattack, the US Department of Transportation has proposed a fine of nearly $1 million to Colonial Pipeline over control room management failures. [Read More]
CRV and Insight Partners led a $100 million investment round for Zero Trust VPN provider Tailscale. [Read More]
Attackers used a compromised token for a Heroku machine account to access the company’s environment and steal GitHub integration OAuth tokens. [Read More]

FEATURES, INSIGHTS // Management & Strategy

rss icon

Torsten George's picture
Schools should take measures to identify and secure sensitive data, keep devices up-to-date, and ensure that their endpoint security controls are working.
Joshua Goldfarb's picture
While there are many approaches to successfully accomplishing cross-team security initiatives, these seven points are helpful when working to push these efforts across the finish line.
Jeff Orloff's picture
When organizations adopt a broader yet more focused framework for cybersecurity staffing, they’re suddenly positioned to gain a clear competitive advantage in the labor market.
John Maddison's picture
Cybersecurity deployments have become as complex as the networks they are trying to protect. And that’s not a good thing.
Marc Solomon's picture
An open integration architecture provides the greatest access to data from technologies, threat feeds and other third-party sources, and the ability to drive action back to those technologies once a decision is made.
Gordon Lawson's picture
The rise of social engineering tactics as well as risks associated with embedded vulnerabilities in contractor networks makes keeping this technology confidential and out of the hands of adversaries increasingly difficult.
Joshua Goldfarb's picture
The right to work is one of the most fundamental professional rights. Those who actively threaten or work against this right act against the interests of the security community as a whole.
Keith Ibarguen's picture
I would like to suggest a New Year’s Resolution for my peers in the security industry: Focus on the outcome the other person is seeking, and if you agree with it, help make it happen.
Torsten George's picture
Cyber resiliency measures (i.e., architectural design, technologies, operational practices) assume that today’s threat actors can achieve a foothold in an organization’s infrastructure and in turn post-exploit activities must be contained and eliminated.
Landon Winkelvoss's picture
The security industry must commit to a risk-based approach that understands the specific attacks and actors targeting their industry and profile.