Security operations and management
Cybersecurity operations and management are vital to protect enterprises against cyber threats. Learn how to create and manage infosec programs and SOCs, perform incident response and automate security processes. Also read up on security laws and regulations, best practices for CISOs and more.
Top Stories
-
Feature
20 Dec 2024
Identity and access management tools and features for 2025
The IAM tool marketplace is complex and ever-changing. Learn about key features and how to discern what your organization needs before approaching potential providers. Continue Reading
By- Ed Moyle, Drake Software
-
Guest Post
19 Dec 2024
Add gamification learning to your pen testing training playbook
Organizations that embrace gamification in their pen testing training are better positioned to build and maintain the skilled security teams needed to address evolving threats. Continue Reading
By- Ed Skoudis, SANS Technology Institute
-
Tip
08 Aug 2022
10 top open source security testing tools
From Kali Linux to Mimikatz to Metasploit, learn about 10 open source penetration testing tools organizations can use to determine how secure their network is. Continue Reading
By- Ed Moyle, Drake Software
-
News
08 Aug 2022
VMware: The threat of lateral movement is growing
The majority of incident response professionals surveyed for VMware's 'Global Incident Response Threat Report' observed lateral movement in at least some attacks in the past year. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Feature
05 Aug 2022
Importance of enterprise endpoint security during a pandemic
Enterprises often focus greatly on communications security and less on endpoint security. Review the importance of enterprise endpoint security and best practices to implement it. Continue Reading
By- Kyle Johnson, Taylor & Francis
-
Feature
02 Aug 2022
The importance of data security in the enterprise
Three industry experts discuss the criticality of data security in the enterprise, including the significance of data breaches and compliance regulations. Continue Reading
-
Tip
01 Aug 2022
Top 10 UEBA enterprise use cases
The top user and entity behavior analytics use cases fall in cybersecurity, network and data center operations, management and business operations. Check out the risks. Continue Reading
By- John Burke, Nemertes Research
-
Feature
29 Jul 2022
10 biggest data breaches in history, and how to prevent them
Did you know the biggest data breach in history exposed a whopping 3 billion records? Learn more about the largest data breaches and get advice on how to prevent similar attacks. Continue Reading
By- Isabella Harford, TechTarget
-
Tip
28 Jul 2022
How to perform a data risk assessment, step by step
Organizations need confidence that they are properly identifying and protecting sensitive data. Follow these five steps to create a data risk assessment. Continue Reading
By- Karen Scarfone, Scarfone Cybersecurity
-
Guest Post
26 Jul 2022
3 ways to help cybersecurity pros avoid burnout
Many security professionals are pushed to their breaking point. Discover three ways employers and managers can help their employees avoid burnout. Continue Reading
By- Chloé Messdaghi
-
Tip
22 Jul 2022
Top 10 enterprise data security best practices
To protect your organization's data and prevent its misuse, incorporate these 10 data security best practices into your enterprise data security strategy. Continue Reading
By- Charles Kolodgy, Security Mindsets
-
Feature
21 Jul 2022
How to create a data security policy, with template
Are you looking to create or update your organization's data security policy? Learn about the key elements of a data security policy, and use our free template to get started. Continue Reading
By -
News
21 Jul 2022
SynSaber: Only 41% of ICS vulnerabilities require attention
The industrial cybersecurity vendor analyzed 681 ICS vulnerabilities that were disclosed this year and found many had a low probability of exploitation. Continue Reading
By- Arielle Waldman, News Writer
-
Definition
20 Jul 2022
data compliance
Data compliance is a process that identifies the applicable governance for data protection, security, storage and other activities and establishes policies, procedures and protocols ensuring data is fully protected from unauthorized access and use, malware and other cybersecurity threats. Continue Reading
By -
Feature
20 Jul 2022
VMDR: Inside vulnerability management, detection and response
VMDR offers automated asset identification, threat prioritization and patch management. But do companies need another vulnerability management tool? Continue Reading
By- Kyle Johnson, Technology Editor
-
News
20 Jul 2022
Sophos launches cross-operational task force X-Ops
The Sophos X-Ops team aims to create an AI-assisted security operations center using the cybersecurity vendor's research and threat response teams. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Feature
19 Jul 2022
Cyber-war game case study: Preparing for a ransomware attack
In this real-world cyber-war game case study, an exercise on ransomware preparedness helped a company discover shortcomings in its incident response plan. Continue Reading
By- Johna Till Johnson, Nemertes Research
-
Tip
14 Jul 2022
SecOps vs. CloudSecOps: What does a CloudSecOps team do?
Now, more than ever, organizations need to build controls, monitor and enact security response activities for the cloud. This is where the CloudSecOps team comes into play. Continue Reading
By- Dave Shackleford, Voodoo Security
-
Feature
08 Jul 2022
Clearing up cybersecurity architecture confusion, challenges
There's no lack of cybersecurity frameworks, but there is a lack of resources to help small and midsize organizations build a cybersecurity architecture -- until now. Continue Reading
By- Sharon Shea, Executive Editor
-
Feature
08 Jul 2022
4 criteria to measure cybersecurity goal success
Measuring the success of cybersecurity goals is challenging because they are components of larger goals and often probabilistic rather than deterministic. Continue Reading
By- Sharon Shea, Executive Editor
- Packt Publishing
-
Tip
07 Jul 2022
How to create a critical infrastructure incident response plan
Does your organization have an incident response plan for disruptions to critical infrastructure? Learn how to write a successful plan for your company. Continue Reading
By -
Feature
05 Jul 2022
A 'CISO evolution' means connecting business value to security
As cybersecurity has changed, so has the CISO role. 'The CISO Evolution: Business Knowledge for Cybersecurity Executives' aims to help security leaders succeed in the C-suite. Continue Reading
By- Alissa Irei, Senior Site Editor
-
Tip
28 Jun 2022
Do you meet all the modern authentication requirements?
Microsoft's push to a more secure method for user authentication and authorization could catch some enterprises flat-footed if IT hasn't done its homework. Continue Reading
By- Reda Chouffani, Biz Technology Solutions
-
Tip
28 Jun 2022
Negotiating a golden parachute clause in a CISO contract
If a CISO becomes the company scapegoat after a security incident, a strong golden parachute clause can mean the difference between a soft landing and a hard crash. Continue Reading
By- Jerald Murphy, Nemertes Research
-
Feature
27 Jun 2022
How to determine out-of-scope bug bounty assets
What happens when a security researcher discovers a bug in an out-of-scope asset? Learn how to handle bug bounty scope in this excerpt from 'Corporate Cybersecurity.' Continue Reading
By- Kyle Johnson, Technology Editor
- Wiley Publishing
-
Feature
27 Jun 2022
An enterprise bug bounty program vs. VDP: Which is better?
Creating a bug bounty or vulnerability disclosure program? Learn which option might prove more useful, and get tips on getting a program off the ground. Continue Reading
By- Kyle Johnson, Technology Editor
-
Tutorial
27 Jun 2022
How to set up Exchange Online modern authentication
Microsoft plans to tighten up security on its hosted email platform to prevent attackers from gaining access to user credentials. Is your organization ready? Continue Reading
By- Reda Chouffani, Biz Technology Solutions
- Nathan O'Bryan, Planet Technologies
-
News
23 Jun 2022
Access management issues may create security holes
Employees who aren't credentialed to access corporate systems to do their jobs find ways around the red tape that could lead to security breaches. Continue Reading
-
News
22 Jun 2022
Ongoing PowerShell security threats prompt a call to action
Although PowerShell poses an ongoing risk to enterprise security as a post-exploitation tool, authorities strongly advise against disabling it completely. Continue Reading
By- Arielle Waldman, News Writer
-
News
22 Jun 2022
Proofpoint: Social engineering attacks slipping past users
Executives, administrators and network defenders overlook the severity of many of the most effective social engineering tools, Proofpoint cautions. Continue Reading
-
Guest Post
21 Jun 2022
How to address security risks in GPS-enabled devices
GPS-enabled devices not only pose personal risks but also pose risks to organizations. Learn about the security risks associated with tracking devices and how to address them. Continue Reading
By- Nabil Hannan
-
News
21 Jun 2022
Forescout discloses 'OT:Icefall,' 56 flaws from 10 vendors
The OT:Icefall vulnerabilities come from 10 operational technology vendors that make hardware for critical infrastructure, including Emerson, Honeywell, Motorola and more. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
20 Jun 2022
Healthcare breaches on the rise in 2022
According to U.S. government data, the number of healthcare breaches in the first five months of 2022 has nearly doubled from the same period last year. Continue Reading
By- Peyton Doyle, News Editorial Assistant
-
News
09 Jun 2022
CrowdStrike demonstrates dangers of container escape attacks
CrowdStrike gave a live demonstration at RSA Conference 2022 of how an attacker can use a recently discovered Kubernetes flaw to obtain full control over a container's host system. Continue Reading
-
News
08 Jun 2022
CISA director promotes collaboration and trust at RSAC 2022
Jen Easterly said there's growing momentum for stronger collaboration and communication between government agencies like CISA and private-sector cybersecurity companies. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
07 Jun 2022
Cisco Talos: Destructive malware, supply chain attacks rising
At RSA Conference 2022, Cisco Talos discussed how adversaries have evolved and changed their tactics, leading to major shifts in the threat landscape. Continue Reading
By- Arielle Waldman, News Writer
-
News
07 Jun 2022
Microsoft flags common pitfalls for cyber insurance
Cyber insurance is getting more expensive and tougher to acquire. At RSA Conference 2022, Microsoft's Cynthia James discussed the common mistakes made when obtaining coverage. Continue Reading
By- Peyton Doyle, News Editorial Assistant
-
Tip
07 Jun 2022
8 benefits of DevSecOps automation
DevSecOps automation can help organizations scale development while adding security, as well as uniformly adopt security features and reduce remedial tasks. Continue Reading
By- Andrew Froehlich, West Gate Networks
-
News
07 Jun 2022
Microsoft details zero-trust transition, challenges
Over the past three years, Microsoft has moved to a zero-trust framework. Security engineers outlined the transition and its challenges during a session at RSA Conference 2022. Continue Reading
By- Arielle Waldman, News Writer
-
News
07 Jun 2022
DNI Avril Haines: Cybersecurity is getting harder
During her RSA Conference 2022 keynote, the U.S. Director of National Intelligence discussed the increase in cyber threats, from nation-state attacks to commercial hacking tools. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
02 Jun 2022
Conti ransomware group targeted Intel firmware tools
A pair of Intel firmware management platforms were targeted by the notorious Conti ransomware group to create new attack techniques, according to Eclypsium researchers. Continue Reading
-
Feature
01 Jun 2022
How ransomware kill chains help detect attacks
Reconstructing cyber attacks is a key step in incident response. Learn how ransomware kill chains can help security teams detect and mitigate the consequences of an attack. Continue Reading
By- Isabella Harford, TechTarget
-
Feature
01 Jun 2022
How to improve cyber attack detection using social media
Social media has cybersecurity pros and cons. One benefit is that it can help improve cyber attack detection. These four real-world examples show how. Continue Reading
By- Isabella Harford, TechTarget
- Packt Publishing
-
News
01 Jun 2022
Hackers ransom 1,200 exposed Elasticsearch databases
An extensive extortion operation didn't need exploits or vulnerabilities to take over more than 1,200 Elasticsearch databases and demand bitcoin payments, according to Secureworks. Continue Reading
-
Feature
01 Jun 2022
How to design architecture for enterprise wireless security
Learn about a five-phase design methodology that will help your company plan for and create an enterprise wireless security architecture. Continue Reading
By- Kyle Johnson, Technology Editor
- Wiley Publishing
-
Tip
26 May 2022
Top 4 source code security best practices
Software supply chain attacks are on the rise. Follow these source code best practices to protect both in-house and third-party code. Continue Reading
By- Karen Scarfone, Scarfone Cybersecurity
-
News
24 May 2022
Developers targeted by poisoned Python library
A developer's expired domain led to a threat actor taking control of an open source library and poisoning it with malware that could steal private keys for AWS instances. Continue Reading
-
News
24 May 2022
MFA technology is rapidly evolving -- are mandates next?
The evolving landscapes of both the modern workplace and cyberthreats have paved the way for some organizations to require multifactor authentication protection. Will others join? Continue Reading
By- Peyton Doyle, News Editorial Assistant
-
Tip
20 May 2022
How to counter insider threats in the software supply chain
Insider threats extend beyond employees within your company to include people working at partners and third parties. Learn about these insider threats in the software supply chain. Continue Reading
By -
News
19 May 2022
QNAP devices hit by DeadBolt ransomware again
DeadBolt ransomware is once again targeting QNAP's NAS devices, and the vendor is urging customers to patch immediately. Continue Reading
By- Arielle Waldman, News Writer
-
Tip
19 May 2022
How to conduct a cyber-war gaming exercise
A successful cyber-war game can help organizations find weaknesses in their system but only if the right participants are involved and an after-action review is completed. Continue Reading
By- Johna Till Johnson, Nemertes Research
-
News
18 May 2022
CISA calls out security misconfigurations, common mistakes
Poor security practices and misconfigured controls are allowing threat actors to compromise enterprise networks. Continue Reading
By- Arielle Waldman, News Writer
-
News
17 May 2022
North Korean IT workers targeting US enterprises
North Korean nationals are looking to land jobs at U.S. and European companies to collect sensitive data that could help the reclusive government's military programs. Continue Reading
-
Guest Post
17 May 2022
5 steps to ensure a successful access management strategy
Access management is top of mind for organizations, especially in the hybrid workspace. Follow these five steps to create an access management strategy that benefits all users. Continue Reading
By- Michael Kelley
-
Tip
16 May 2022
How micropatching could help close the security update gap
Countless known but unpatched vulnerabilities pose significant, ongoing risk to the typical enterprise. Learn how micropatching could help close the security update gap. Continue Reading
By -
Tip
12 May 2022
3 ways to apply security by design in the cloud
Applying security-by-design principles to the cloud may not seem straightforward, but there are several ways to do so. These three areas are a good place to start. Continue Reading
By- Dave Shackleford, Voodoo Security
-
News
11 May 2022
Critical F5 vulnerability under exploitation in the wild
A remote code vulnerability in F5 BIG-IP network appliances is now being scanned for by threat actors, and some experts have observed exploitation in the wild. Continue Reading
-
News
11 May 2022
US, allies warn of nation-state attacks against MSPs
The joint advisory did not name any specific nation-states, though co-sponsor agencies expect threat actors to 'step up their targeting' of managed service providers (MSPs). Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tip
10 May 2022
Microsoft modern authentication deadline looms over Exchange
Support for basic authentication will end this year, giving administrators who haven't switched to a newer authentication method little time to prepare for a smooth transition. Continue Reading
By- Reda Chouffani, Biz Technology Solutions
-
Tip
09 May 2022
The top secure software development frameworks
Keeping security top of mind when developing software is paramount. Learn how to incorporate security into the SDLC with the top secure software development frameworks. Continue Reading
By -
News
04 May 2022
Winnti threat group rides again with IP theft campaign
A Chinese cyberespionage campaign, dubbed 'Operation CuckooBees' by Cybereason, went unnoticed for years as spies siphoned off intellectual property from companies. Continue Reading
-
Feature
03 May 2022
Cyber-war gaming: A cybersecurity tabletop exercise
Based off military war games, cyber-war gaming examines a company's security posture. Learn how it works, the readiness needed, who should be involved and more. Continue Reading
By- Kyle Johnson, Technology Editor
-
Feature
02 May 2022
Do phishing simulations work? Sometimes
Phishing simulations are becoming increasingly popular to pinpoint which employees fall victim to scams, but their effectiveness and morality have been called into question. Continue Reading
By- Isabella Harford, TechTarget
-
Tip
29 Apr 2022
Is cloud critical infrastructure? Prep now for provider outages
The cloud has quickly become critical infrastructure to many organizations. Learn about the top cloud provider outages, and discover tips on preventing disruption during downtime. Continue Reading
By- Dave Shackleford, Voodoo Security
-
Feature
28 Apr 2022
Case study: Why it's difficult to attribute nation-state attacks
If two attacks look similar, don't assume they're from the same attacker. It's difficult to attribute nation-state attacks, as evidenced by the notorious 2016 Odinaff malware. Continue Reading
By- Isabella Harford, TechTarget
- No Starch Press
-
Feature
28 Apr 2022
Tips for using a threat profile to prevent nation-state attacks
Is your organization concerned about state-sponsored attacks? Threat profiling can help prevent nation-state attacks. Get advice on how to create an effective threat profile. Continue Reading
By- Isabella Harford, TechTarget
-
Feature
27 Apr 2022
How to conduct Linux privilege escalations
Learn how to conduct Linux kernel exploitation with Metasploit and manually, as well as how to identify vulnerabilities on Linux using enumeration scripts. Continue Reading
By- Kyle Johnson, Technology Editor
- Packt Publishing
-
Tip
27 Apr 2022
Best practices for creating an insider threat program
A thorough insider threat program includes plan preparation, threat assessment, and plan review and renewal. Learn how to implement this three-step model to protect your company. Continue Reading
By- Ashwin Krishnan, StandOutin90Sec
-
Feature
22 Apr 2022
Unethical vulnerability disclosures 'a disgrace to our field'
The cybersecurity field needs more people who use their powers for good, the lead author of Gray Hat Hacking: The Ethical Hacker's Handbook, Sixth Edition says. Continue Reading
By- Alissa Irei, Senior Site Editor
-
Tip
21 Apr 2022
7 best practices for Web3 security risk mitigation
Tech builders and businesses evaluating decentralized technologies should keep these seven Web3 security best practices in mind to help mitigate traditional and novel cyber threats. Continue Reading
By- Jessica Groopman, Kaleido Insights
-
Feature
21 Apr 2022
10 critical people skills today's CIOs and IT leaders need
Learn about 10 of the most important soft skills -- from communication to empathy -- and why they are critical to successful technology leadership. Continue Reading
-
News
15 Apr 2022
Corvus: Ransomware costs, ransom payments declining
Cyber insurance provider Corvus examined how the cost of ransomware attacks declined over the past year and a half and what it means for different industries moving forward. Continue Reading
By- Peyton Doyle, News Editorial Assistant
-
Tip
14 Apr 2022
The benefits and challenges of managed PKIs
Managing a public key infrastructure is a difficult task. Discover the benefits and challenges of PKI as a service to determine if managed PKI would benefit your organization. Continue Reading
By- Karen Scarfone, Scarfone Cybersecurity
-
News
12 Apr 2022
Synopsys: Enterprises struggling with open source software
To curb open source risk, Synopsys advises enterprises to keep a comprehensive inventory of all software within its environment and to understand that securing open source requires strong management. Continue Reading
By- Arielle Waldman, News Writer
-
Tip
11 Apr 2022
6 enterprise secure file transfer best practices
Employees can share files with the click of a button -- but don't let the efficiency fool you. Use these secure file transfer best practices to avoid exposing confidential data. Continue Reading
By- Ashwin Krishnan, StandOutin90Sec
-
News
11 Apr 2022
Apple Security Bounty improves, but problems remain
Security researchers told SearchSecurity that Apple Security Bounty improved its communication earlier this year, which had been a key issue for participants. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tip
07 Apr 2022
Should companies ask for a SaaS software bill of materials?
Though it isn't commonplace to ask for a SaaS software bill of materials, one can be beneficial for both SaaS providers and their customers. Learn why. Continue Reading
By- Ed Moyle, Drake Software
-
Tip
07 Apr 2022
Pen testing guide: Types, steps, methodologies and frameworks
Penetration testing helps organizations find security vulnerabilities before hackers do. Uncover details about pen testing steps, methodologies, frameworks and standards. Continue Reading
By -
Feature
05 Apr 2022
How effective is security awareness training? Not enough
Annual security awareness trainings do little to improve security. Learn why they aren't helpful, and discover steps to improve your organization's training program. Continue Reading
By- Isabella Harford, TechTarget
-
Feature
31 Mar 2022
The importance of HR's role in cybersecurity
HR teams must keep security top of mind when hiring and onboarding employees and enforcing data privacy policies. Get advice on the procedures and mechanisms to do so. Continue Reading
By- Isabella Harford, TechTarget
- Packt Publishing
-
Feature
31 Mar 2022
Why CISOs need to understand the business
While CISOs need technical skills, business skills help them push their team's agenda and get the support and funding they need to protect their company. Continue Reading
By- Isabella Harford, TechTarget
-
Tip
29 Mar 2022
How to put cybersecurity sustainability into practice
Cybersecurity sustainability practices involve mitigating cyber-risk without burning out people -- or burning through resources. Explore what that looks like on the ground. Continue Reading
By- Diana Kelley, SecurityCurve
- Deepayan Chanda, Cubic Consulting
-
Feature
29 Mar 2022
Cryptocurrency cyber attacks on the rise as industry expands
Consumers, businesses and governments are finding new ways to use cryptocurrency, but a recent string of cyber attacks has highlighted security risks and shortcomings. Continue Reading
By- Arielle Waldman, News Writer
-
Guest Post
28 Mar 2022
The benefits and challenges of SBOMs
While software bills of material present new challenges for security teams, they offer the benefits of improved visibility, transparency and security. Continue Reading
By- Manjunath Bhat
-
Tip
25 Mar 2022
Review Microsoft Defender for endpoint security pros and cons
Microsoft wants to make Defender the only endpoint security product companies need, but does the good outweigh the bad? Read up on its features and pitfalls. Continue Reading
By- Johna Till Johnson, Nemertes Research
-
Definition
25 Mar 2022
PA-DSS (Payment Application Data Security Standard)
Payment Application Data Security Standard (PA-DSS) is a set of requirements intended to help software vendors develop secure payment applications for credit card transactions. Continue Reading
By- Katie Terrell Hanna
- Maggie Sullivan, SEO/Content Specialist
-
Tip
24 Mar 2022
How to overcome GDPR compliance challenges
As GDPR fines and penalties increase, organizations must prioritize compliance to avoid financial and reputational damages. Learn about the top challenges and their solutions. Continue Reading
By -
News
24 Mar 2022
Okta provides new details on Lapsus$ attack
The authentication provider shed new light on how a customer service agent at subcontractor Sitel was hacked and then used to obtain data on hundreds of Okta clients. Continue Reading
-
News
23 Mar 2022
NPM 'protestware' raises questions on open source security
The deliberate sabotage of an NPM package to protest war in Ukraine worsens the already complex threat of software supply chain attacks, open source and security experts said. Continue Reading
By- Beth Pariseau, Senior News Writer
-
News
22 Mar 2022
Biden: Russia exploring cyber attacks against US
President Joe Biden's warning of potential Russian attacks against U.S. critical infrastructure is the latest call to action for the private sector to fortify its cyberdefenses. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tip
16 Mar 2022
3 benefits of sustainable cybersecurity in the enterprise
Sustainable cybersecurity means taking the long view on cyber-risk mitigation. Explore the technical, financial, societal and reputational wins it can net for the enterprise. Continue Reading
By- Diana Kelley, SecurityCurve
- Deepayan Chanda, Cubic Consulting
-
News
14 Mar 2022
Cyber insurance war exclusions loom amid Ukraine crisis
Changes in insurance exemptions for acts of war reflect an increase in damages caused to enterprises related to state-sponsored cyber attacks. Continue Reading
By- Arielle Waldman, News Writer
-
Tip
11 Mar 2022
How to write an information security policy, plus templates
Infosec policies are key to any enterprise security program. Read up on types of security policies and how to write one, and download free templates to start the drafting process. Continue Reading
By -
Guest Post
11 Mar 2022
How to build a security champions program
Security champions are key to promoting and creating a security-first company. Learn how to build a security champions program using these four steps. Continue Reading
By- Nabil Hannan
-
Answer
10 Mar 2022
Use microsegmentation to mitigate lateral attacks
Attackers will get into a company's system sooner or later. Limit their potential damage by isolating zones with microsegmentation to prevent lateral movement. Continue Reading
By- Andrew Froehlich, West Gate Networks
-
Tip
07 Mar 2022
Top DevSecOps certifications and trainings
Check out some of the top DevSecOps certifications and trainings that can help professionals learn how to shift security left in the software development lifecycle. Continue Reading
By- Isabella Harford, TechTarget
-
Feature
28 Feb 2022
Tips for creating a cybersecurity resume
Resumes help candidates leave an impression on potential employers. But did you know one resume often isn't enough? Learn this and other tips for creating a cybersecurity resume. Continue Reading
By- Isabella Harford, TechTarget
- Manning Publications Co.
-
Feature
28 Feb 2022
How to manage imposter syndrome in cybersecurity
The imposter syndrome phenomenon is readily apparent in cybersecurity. Learn how to manage it, along with mishaps to avoid during the job hunt and other career advice. Continue Reading
By- Isabella Harford, TechTarget
-
Guest Post
25 Feb 2022
4 tips for selecting cybersecurity insurance
Choosing a cybersecurity insurance provider can be a daunting and complex task. Follow this advice to select the best policy -- and provider -- for your business. Continue Reading
By- Nate Smolenski
-
News
25 Feb 2022
(ISC)2 study finds long remediation times for Log4Shell
An (ISC)2 survey of cybersecurity professionals found Log4Shell remediation for many organizations took several weeks or more than a month, requiring work on weekends and holidays. Continue Reading
By- Peyton Doyle, News Editorial Assistant
-
Tip
24 Feb 2022
Pave a path to cybersecurity and physical security convergence
Physical security doesn't get the attention cybersecurity does, but that gap poses significant risks. Find out what you can do to better protect your organization's assets. Continue Reading
By- Johna Till Johnson, Nemertes Research
-
Tip
22 Feb 2022
Top 6 critical infrastructure cyber-risks
Cyber attacks on critical infrastructure assets can cause enormous and life-threatening consequences. Discover the top cyber-risks to critical infrastructure here. Continue Reading
By