Security operations and management

Cybersecurity operations and management are vital to protect enterprises against cyber threats. Learn how to create and manage infosec programs and SOCs, perform incident response and automate security processes. Also read up on security laws and regulations, best practices for CISOs and more.

Top Stories

Tip 20 Nov 2024
4 types of access control

Access management is the gatekeeper, making sure a device or person can gain entry only to the systems or applications to which they have been granted permission. Continue Reading
By
- Amy Larsen DeCarlo, GlobalData
Tip 20 Nov 2024
User provisioning and deprovisioning: Why it matters for IAM

Overprivileged and orphaned user identities pose risks. Cybersecurity teams should be sure user profiles grant only appropriate access -- and only for as long as necessary. Continue Reading
By
- Dave Shackleford, Voodoo Security

News 03 Feb 2022
DHS forms first-ever Cyber Safety Review Board

The new initiative is one in a string of many by the Biden administration to push public and private collaboration in addressing cyber threats such as Log4j vulnerabilities. Continue Reading
By
- Arielle Waldman, News Writer
Guest Post 03 Feb 2022
The importance of a policy-driven threat modeling approach

An expanding threat landscape, combined with increasing cloud use and a cybersecurity skill shortage, is driving the need for a policy-driven threat modeling approach. Continue Reading
By
- Altaz Valani
News 03 Feb 2022
Juniper Networks launches Secure Edge firewall as a service

Secure Edge, the as-a-service version of Juniper's SRX firewalls, is managed through the Security Director Cloud platform for SASE released last May. Continue Reading
By
- Madelaine Millar, TechTarget
News 01 Feb 2022
Ransomware attacks continue to plague public services

Ransomware this year has picked up right where 2021 left off, with several local governments, schools and health services across the U.S. suffering attacks. Continue Reading
By
- Peyton Doyle, News Editorial Assistant
Feature 31 Jan 2022
Include defensive security in your cybersecurity strategy

Is your company's cybersecurity strategy comprehensive enough to protect against an expanding threat landscape? Learn how developing defensive security strategies can help. Continue Reading
By
- Kyle Johnson, Technology Editor
Feature 28 Jan 2022
4 data privacy predictions for 2022 and beyond

Data privacy will continue to heat up in 2022. From regulations to staffing to collaboration, will these data privacy predictions come to fruition in the next 12 months and beyond? Continue Reading
By
- Isabella Harford, TechTarget
Feature 27 Jan 2022
How to use Nmap to scan specific ports

One of Nmap's primary functions is conducting port scans. In this walkthrough, learn how to launch a default scan, along with other options that affect Nmap port scan behavior. Continue Reading
By
- Sharon Shea, Executive Editor
- Packt Publishing
Guest Post 27 Jan 2022
How AI can help security teams detect threats

AI and machine learning are reshaping modern threat detection. Learn how they help security teams efficiently and accurately detect malicious actors. Continue Reading
By
- Rohit Dhamankar
News 25 Jan 2022
Bernalillo County ransomware attack still felt weeks later

A ransomware attack in early January disrupted government systems in New Mexico's largest county, which stalled operations at county offices and the county detention center. Continue Reading
By
- Peyton Doyle, News Editorial Assistant
Tip 18 Jan 2022
4 software supply chain security best practices

The increasing complexity of software supply chains makes it difficult for companies to understand all its components. Learn how to find vulnerabilities before attackers. Continue Reading
By
- Ed Moyle, Drake Software
Guest Post 11 Jan 2022
Endpoint security is nothing without human operators

The growing threat landscape has made endpoint security more important than ever. Deploying an endpoint security platform without the proper staff, however, is simply not enough. Continue Reading
By
- Kevin Hanes
News 10 Jan 2022
VMware ESXi 7 users vulnerable to hypervisor takeover bug

A recent security update addressed a hypervisor takeover vulnerability in several VMware products, but the patch omitted one key server platform in ESXi 7. Continue Reading
By
- Shaun Nichols
Tip 10 Jan 2022
3 areas privacy and cybersecurity teams should collaborate

Organizations can get a lot of value by having their privacy and cybersecurity teams work closely together. Collaborating on compliance objectives is just one benefit. Continue Reading
By
- Mike Chapple, University of Notre Dame
Feature 29 Dec 2021
Editor's picks: Top cybersecurity articles of 2021

As we call it a wrap on 2021, SearchSecurity looks at the top articles from the last 12 months and their sweeping trends, including ransomware, career planning and more. Continue Reading
By
- Isabella Harford, TechTarget
Guest Post 28 Dec 2021
How to make security accessible to developers

Apps are too often released with flaws and vulnerabilities. Learn how to make security accessible to developers by integrating best practices into the development lifecycle. Continue Reading
By
- Aakash Shah, Om Vyas
Feature 28 Dec 2021
Top infosec best practices, challenges and pain points

Weak infosec practices can have irrevocable consequences. Read up on infosec best practices and challenges, as well as the importance of cybersecurity controls and risk management. Continue Reading
By
- Isabella Harford, TechTarget
News 23 Dec 2021
ManageEngine attacks draw warning from FBI

The FBI said a vulnerability in the ManageEngine Desktop Central IT management tool is being used by APT actors in targeted network attacks dating back to October. Continue Reading
By
- Shaun Nichols
Tip 22 Dec 2021
Cybersecurity asset management takes ITAM to the next level

Security pros need to focus on cybersecurity asset management for devices, services and the vendors that can help. Use our checklist to find out how and where to start. Continue Reading
By
- Johna Till Johnson, Nemertes Research
Tip 21 Dec 2021
5 ways to automate security testing in DevSecOps

Read up on five areas of DevSecOps that benefit from security testing automation, such as code quality checking, web application scanning and vulnerability scanning. Continue Reading
By
- Ed Moyle, Drake Software
Tip 21 Dec 2021
How to mitigate Log4Shell, the Log4j vulnerability

The easy-to-exploit Log4j vulnerability known as Log4Shell is dangerous and must be dealt with as soon as possible. Get pointers on how to mitigate and monitor the threat. Continue Reading
By
- Michael Cobb
Definition 20 Dec 2021
copyright

Copyright is a legal term describing ownership of control of the rights to the use and distribution of certain works of creative expression, including books, video, motion pictures, musical compositions and computer programs. Continue Reading
By
- Peter Loshin, Former Senior Technology Editor
- Robert Richardson
Guest Post 15 Dec 2021
The importance of automated certificate management

Managing the plethora of digital certificates can no longer be done in a spreadsheet by hand. Discover the importance of automated certificate management here. Continue Reading
By
- Tim Callan
Guest Post 10 Dec 2021
The business benefits of data compliance

Beyond appeasing auditors and avoiding fines, data compliance offers several business benefits. Discover how data compliance can build trust and improve publicity. Continue Reading
By
- Mitesh Athwani
Feature 10 Dec 2021
The Bigger Truth: Cybersecurity splurge and who needs 5G?

Commentary on the venture capital cybersecurity splurge, Ericsson's Vonage acquisition and the ESG 2022 Technology Spending Intentions Survey. Steve also asks: Who needs 5G, anyway? Continue Reading
By
- Jamison Cush, Senior Executive Editor
News 07 Dec 2021
Google takes action against blockchain-based Glupteba botnet

In a legal complaint made public Tuesday, Google said that it "has been and continues to be directly injured" by the actions of the Glupteba botnet. Continue Reading
By
- Alexander Culafi, Senior News Writer
Feature 06 Dec 2021
Passwordless authentication issues to address before adoption

The technology for passwordless authentication exists, but challenges remain. Companies must grapple with differing use cases, legacy software, adoption costs and more. Continue Reading
By
- Kyle Johnson, Technology Editor
Tip 06 Dec 2021
How to get started with attack surface reduction

Attack surface reduction and management are vital to any security team's toolbox. Learn what ASR is and how it complements existing vulnerability management products. Continue Reading
By
- Diana Kelley, SecurityCurve
News 01 Dec 2021
CISA taps CrowdStrike for endpoint security

The U.S. government's cybersecurity authority will be watched over by security vendor CrowdStrike as part of the larger government IT security overhaul. Continue Reading
By
- Shaun Nichols
News 01 Dec 2021
Palo Alto Networks and GTT to launch managed SASE platform

GTT Communications and Palo Alto Networks announced they will partner to offer a managed SASE platform using Prisma Access, Palo Alto's cloud-based security function. Continue Reading
By
- Madelaine Millar, TechTarget
Tip 29 Nov 2021
How SBOMs for cybersecurity reduce software vulnerabilities

With SBOMs, companies will know what components constitute the software they purchase, making it easier for security teams to understand and manage vulnerabilities and risks. Continue Reading
By
- Ed Moyle, Drake Software
Guest Post 23 Nov 2021
How to talk about cybersecurity risks, colloquially

The cybersecurity field is riddled with confusion and complexity. Knowing how to talk about risk and how to manage it is key to building resilience. Continue Reading
By
- Todd Inskeep
Guest Post 16 Nov 2021
How to create security metrics business leaders care about

Security metrics must be clear, actionable and resonate with business leadership. Learn how to create metrics that business leaders care about and will act upon. Continue Reading
By
- Jeffrey Wheatman
Guest Post 16 Nov 2021
3 ways to balance app innovation with app security

New innovations come with an onslaught of risks and vulnerabilities. Use these three concepts to promote innovation, while ensuring web application security. Continue Reading
By
- Mark Ralls
Guest Post 15 Nov 2021
Reduce the risk of cyber attacks with frameworks, assessments

Don't rely on a compliance mandate to reduce the risk of cyber attacks or on a cyber insurer to cover an attack's aftermath. Assessments and frameworks are key to staying safe. Continue Reading
By
- Kayne McGladrey
News 10 Nov 2021
US targets REvil, DarkSide ransomware with $10M rewards

Infosec experts weigh in on the U.S. government's latest tactic to thwart ransomware operations -- the offering of rewards of up to $10 million for information on operators. Continue Reading
By
- Arielle Waldman, News Writer
Guest Post 10 Nov 2021
4 concepts that help balance business and security goals

The goal of enterprise security is to maintain connectivity, while remaining protected. Use these four concepts to balance business and security goals. Continue Reading
By
- Mark Pierpoint
News 08 Nov 2021
DOJ charges REvil ransomware members, seizes $6.1M

One of the accused cybercriminals, who was directly involved in the ransomware attack on Kaseya earlier this year, was arrested and faces extradition from Poland. Continue Reading
By
- Shaun Nichols
Definition 04 Nov 2021
vulnerability disclosure

Vulnerability disclosure is the practice of reporting security flaws in computer software or hardware. Continue Reading
By
- Katie Terrell Hanna
- Linda Rosencrance
Feature 03 Nov 2021
Why chaos engineering testing makes sense for cybersecurity

Using the concept of chaos engineering, teams can determine whether systems perform as intended in time of need. But how does it relate to security? Continue Reading
By
- Kyle Johnson, Technology Editor
Tip 27 Oct 2021
5 IT security policy best practices

As businesses and technologies grow and evolve, it's important IT security policies do, too. Follow these five best practices to ensure policies are fresh and relevant. Continue Reading
By
- Diana Kelley, SecurityCurve
News 20 Oct 2021
Chris Krebs weighs in on zero trust, FBI web shell removal

Regarding the FBI action to silently remove web shells from vulnerable Exchange Servers, former CISA director Chris Krebs said he expects to see the action again if appropriate. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 20 Oct 2021
Gartner analysts debate ransomware payments

During Gartner's IT Symposium, analysts discussed the complex factors companies face when deciding whether or not to give into ransom demands. Continue Reading
By
- Arielle Waldman, News Writer
Guest Post 20 Oct 2021
5 questions to ask when creating a ransomware recovery plan

These 'five W's of ransomware' will help organizations ask the right questions when creating a ransomware-specific disaster recovery plan. Continue Reading
By
- Dustin Milberg
News 18 Oct 2021
FinCEN: 2021 ransomware activity outpaces 2020 in 6 months

The U.S. Treasury's financial crimes bureau has seen a rise in anonymity-enhanced cryptocurrencies like Monero, though Bitcoin remains the most used. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 15 Oct 2021
Accenture sheds more light on August data breach

The IT services giant disclosed in an SEC filing that threat actors stole and leaked proprietary data during a LockBit ransomware attack earlier this year. Continue Reading
By
- Shaun Nichols
News 14 Oct 2021
Enterprises ask Washington to step up cyber collaboration

During CISA's National Cybersecurity Summit, critical infrastructure companies said they need better information on cyberthreats from the federal government. Continue Reading
By
- Arielle Waldman, News Writer
News 11 Oct 2021
Cyber insurance premiums, costs skyrocket as attacks surge

As cyber attacks and losses have increased, so has demand for cyber insurance. But now premiums are reflecting a harsh new reality. Continue Reading
By
- Arielle Waldman, News Writer
News 28 Sep 2021
Ransomware: Has the U.S. reached a tipping point?

The ransomware problem has grown more severe in recent years due to a growing number of attacks against large organizations and the standardization of double-extortion tactics. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 24 Sep 2021
Cybersecurity leaders back law for critical infrastructure

In the wake of cyberattacks like Colonial Pipeline, U.S. senators want a national law requiring critical infrastructure companies to report cybersecurity incidents to CISA. Continue Reading
By
- Makenzie Holland, Senior News Writer
Feature 23 Sep 2021
Experts debate XDR market maturity and outlook

Is extended detection response still all buzz and no bite? Experts disagree on whether XDR qualifies as a legitimate market yet or still has a ways to go. Continue Reading
By
- Alissa Irei, Senior Site Editor
Definition 17 Sep 2021
security policy

A security policy is a document that states in writing how a company plans to protect its physical and information technology (IT) assets. Continue Reading
By
- Ben Lutkevich, Site Editor
Guest Post 16 Sep 2021
7 tips for building a strong security culture

Cybersecurity isn't just IT's responsibility. Use these seven tips to build a security culture where employees and IT work together to keep their organization safe. Continue Reading
By
- Perry Carpenter
Feature 14 Sep 2021
Why companies should use AI for fraud management, detection

AI is involved in many cybersecurity processes. Now it's making inroads in fraud management and detection. The benefits, however, are not without AI's nagging bias challenge. Continue Reading
By
- Isabella Harford, TechTarget
News 08 Sep 2021
CrowdStrike threat report: Breakout time decreased 67% in 2021

CrowdStrike's latest research shows threat actors have reduced the time it takes for them to move laterally in victim environments, thanks in part to ransomware as a service. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 19 Aug 2021
CISA offers ransomware response guidelines to organizations

In its new ransomware prevention and response guide, CISA 'strongly discourages paying a ransom,' citing the potential to embolden threat actors and fund illicit activity. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 11 Aug 2021
NortonLifeLock and Avast joining forces in $8 billion merger

The combined company from NortonLifeLock and Avast will be dual-headquartered in Arizona and Prague, and will serve 500 million users, including 40 million direct customers. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 05 Aug 2021
Researchers argue action bias hinders incident response

A Black Hat 2021 session focused on the human instinct to act immediately after a cyber attack and how that can negatively impact incident response. Continue Reading
By
- Arielle Waldman, News Writer
News 05 Aug 2021
CISA director announces 'Joint Cyber Defense Collaborative'

The Joint Cyber Defense Collaborative, or JCDC, is a partnership between the public and private sectors to create and implement comprehensive national cybersecurity plans. Continue Reading
By
- Alexander Culafi, Senior News Writer
Feature 27 Jul 2021
Cybersecurity investments surge in 2021 as VCs go all in

Venture capital firms have flooded the cybersecurity market this year with investment dollars for young startups and established vendors alike. What's behind this surge? Continue Reading
By
- Arielle Waldman, News Writer
News 26 Jul 2021
Gartner: 'Weaponized' operational tech poses grave danger

New research by Gartner analyst Wam Voster warns that while attacks in the IT world can lead to loss of information, attacks in the OT world can lead to loss of life. Continue Reading
By
- Arielle Waldman, News Writer
News 22 Jul 2021
US Senate mulling bill on data breach notifications

The Senate Intelligence Committee introduced a bill that would require federal agencies and companies providing critical infrastructure to report network breaches to DHS. Continue Reading
By
- Shaun Nichols
News 22 Jul 2021
Kaseya obtained ransomware decryptor from 'trusted third party'

Kaseya told SearchSecurity that for 'confidentiality reasons' it could only confirm that the ransomware decryptor came from a trusted third party and that it was helping customers. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 20 Jul 2021
DHS unveils second round of new pipeline security requirements

New requirements from DHS for oil and gas pipeline operators include the implementation of 'specific mitigation measures' against cyberthreats, specifically ransomware attacks. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 15 Jul 2021
US government launches 'StopRansomware' site

In the latest initiatives to combat ransomware, the new website provides individuals and organizations with services and tools to help reduce the risk of attacks. Continue Reading
By
- Arielle Waldman, News Writer
News 12 Jul 2021
Microsoft to acquire RiskIQ to combat growing cyberthreats

Microsoft has agreed to purchase threat intelligence vendor RiskIQ to bolster its cloud security offerings and help customers address global cyberthreats. Continue Reading
By
- Arielle Waldman, News Writer
News 08 Jul 2021
Kaseya post-attack VSA deployment delayed until Sunday

Kaseya CEO Fred Voccola said in an early Wednesday video update that the VSA deployment delay was 'probably the hardest decision I've had to make in my career.' Continue Reading
By
- Alexander Culafi, Senior News Writer
Guest Post 08 Jul 2021
5 steps to implement threat modeling for incident response

This five-step process to develop an incident response plan from Rohit Dhamankar of Alert Logic includes threat modeling, which is key to thwarting cyber attacks. Continue Reading
By
- Rohit Dhamankar
News 30 Jun 2021
Alleged creator of Gozi banking Trojan arrested in Colombia

Romanian Mihai Ionut Paunescu, known as 'Virus,' was charged with two other supposed creators of the Gozi malware back in 2012, but Paunescu is the only one not to be extradited. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 21 Jun 2021
Biden proposes critical infrastructure safe zones for hacking

The U.S. wants Russia to agree to make critical infrastructure targets off limits to hacking, but some infosec experts are skeptical such an agreement can be enforced. Continue Reading
By
- Shaun Nichols
News 17 Jun 2021
SolarWinds response team recounts early days of attack

During a webcast, members of the SolarWinds incident response team explained how a lucky break with a virtual machine aided their investigation into the historic breach. Continue Reading
By
- Shaun Nichols
News 16 Jun 2021
6 suspected Clop ransomware gang members arrested in Ukraine

The impact of the arrests is unknown, as Clop's ransomware leak site remains online after the arrests. The scale of the gang's current operation is also unknown. Continue Reading
By
- Alexander Culafi, Senior News Writer
Guest Post 11 Jun 2021
Top 5 benefits of a new cybersecurity market model

Companies are struggling to identify the cybersecurity technology that would actually be useful for their use cases. It's time for a new market model around efficacy instead. Continue Reading
By
- Joe Hubback
News 10 Jun 2021
JBS USA paid $11M ransom to REvil hackers

Last week JBS USA said the ransomware attack was resolved and all facilities were fully operational, but now the company confirmed it paid a huge ransom. Continue Reading
By
- Arielle Waldman, News Writer
Podcast 10 Jun 2021
Risk & Repeat: Colonial Pipeline CEO grilled by Congress

Colonial Pipeline Co. CEO Joseph Blount faced criticism from several members of Congress this week during two different hearings on the recent ransomware attack. Continue Reading
By
- Rob Wright, Senior News Director
News 09 Jun 2021
Mandiant: Compromised Colonial Pipeline password was reused

The Colonial Pipeline VPN password was relatively complex, according to Mandiant CTO Charles Carmakal, and likely would have been difficult for DarkSide threat actors to guess. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 08 Jun 2021
FBI used encrypted Anom app in international crime bust

The FBI secretly ran an encrypted chat network that included 12,000 devices and was widely used by criminal organizations across the globe for various illegal dealings. Continue Reading
By
- Shaun Nichols
News 08 Jun 2021
FBI seized Colonial Pipeline ransom using private key

After Colonial Pipeline paid a $4.4 million ransom demand in last month's attack, the DOJ announced the majority of the funds have been retrieved by the FBI. Continue Reading
By
- Arielle Waldman, News Writer
News 07 Jun 2021
DOJ charges alleged Trickbot developer

Several of the 19 charges brought against the alleged Trickbot Group developer Alla Witte include bank fraud and aggravated identity theft. Continue Reading
By
- Alexander Culafi, Senior News Writer
Feature 03 Jun 2021
Security observability vs. visibility and monitoring

Security observability, monitoring and visibility play different roles but together provide the tools to establish an all-encompassing enterprise security architecture. Continue Reading
By
- Andrew Froehlich, West Gate Networks
News 03 Jun 2021
FireEye and Mandiant part ways in $1.2B deal

FireEye products and Mandiant incident response services will split into two entities under the pending acquisition of FireEye by Symphony Technology Group. Continue Reading
By
- Arielle Waldman, News Writer
Podcast 01 Jun 2021
Risk & Repeat: Security startups and trends from RSAC 2021

Analyst Carla Roncato of Enterprise Strategy Group weighs in on RSA Conference and the security startups featured during the show's Innovation Sandbox competition. Continue Reading
By
- Rob Wright, Senior News Director
Feature 28 May 2021
Inept cybersecurity education and training feed into skills gap

Learn why former infosec instructor and author of 'How Cybersecurity Really Works' advocates for changes to security education and training to alleviate the industry skills gap. Continue Reading
By
- Katie Donegan, Social Media Manager
News 27 May 2021
DHS opens valve on new pipeline security requirements

The U.S. government has put forward a trio of new cybersecurity requirements for companies that operate oil and gas pipelines, including incident reporting and risk assessment. Continue Reading
By
- Shaun Nichols
Definition 27 May 2021
National Security Agency (NSA)

The National Security Agency (NSA) is a federal government intelligence agency that is part of the United States Department of Defense and is managed under the authority of the director of national intelligence (DNI). Continue Reading
By
- Andy Patrizio
- Kathleen Richards
News 24 May 2021
Conti ransomware spree draws FBI attention

Hospitals and emergency service networks in the U.S. are at heightened risk from the new ransomware operation that disrupted Ireland's healthcare system in recent weeks. Continue Reading
By
- Shaun Nichols
News 21 May 2021
Stale sessions, ML poisoning among 2021's top security threats

An all-star security panel at RSA Conference discusses the biggest issues facing companies today and what it thinks will emerge as the top threats in the coming months. Continue Reading
By
- Shaun Nichols
Feature 21 May 2021
RSA Conference 2021: 3 hot cybersecurity trends explained

In a lightning round session at RSA Conference, ESG analysts discussed three of the hottest topics in cybersecurity in 2021: zero trust, XDR and SASE. Continue Reading
By
- Sharon Shea, Executive Editor
Feature 20 May 2021
4 ways to handle the cybersecurity skills shortage in 2021

More than half of cybersecurity pros say their organizations could do more to manage negative effects of the skills shortage, such as overwork and burnout. Find out how. Continue Reading
By
- Alissa Irei, Senior Site Editor
News 18 May 2021
Neuberger calls for shift in software supply chain security

In an RSA Conference keynote, Anne Neuberger, deputy national security advisor for cyber and emerging technology, said security requires a major "mindset shift." Continue Reading
By
- Arielle Waldman, News Writer
News 18 May 2021
5 ways bad incident response plans can help threat actors

Infosec executives from Netskope and Chipotle Mexican Grill hosted an RSA Conference session about their personal experiences and lessons learned while responding to attacks. Continue Reading
By
- Arielle Waldman, News Writer
News 18 May 2021
Sophos: 81% of attacks last year involved ransomware

The majority of incidents Sophos responded to in the last year involved ransomware. The company also found the median dwell time of attackers was 11 days. Continue Reading
By
- Alexander Culafi, Senior News Writer
Feature 17 May 2021
Cyber Defense Matrix makes sense of chaotic security market

The Cyber Defense Matrix aims to help CISOs make strategic, informed security investments that weigh cyber risk mitigation in the context of business constraints and goals. Continue Reading
By
- Alissa Irei, Senior Site Editor
News 13 May 2021
Biden signs executive order to modernize cyberdefenses

Following several high-profile attacks on the federal government, the new executive order seeks to eliminate outdated security practices and improve supply chain security. Continue Reading
By
- Arielle Waldman, News Writer
News 12 May 2021
Cyber insurance firm AXA halts coverage for ransom payments

As ransomware attacks increase across the globe and ransom payment reimbursement becomes a key issue for cyber insurers, AXA may be setting a new trend for private industries. Continue Reading
By
- Arielle Waldman, News Writer
News 07 May 2021
'Bulletproof' hosts catch RICO charges for aiding cybercriminals

Four men pleaded guilty to RICO conspiracy charges for operating a bulletproof hosting service that provided infrastructure to cybercriminals' operations. Continue Reading
By
- Shaun Nichols
Feature 07 May 2021
Despite confusion, zero-trust journey underway for many

Zero trust is a catchy phrase with seemingly lofty goals. Uncover the reality behind one of infosec's hottest buzzphrases, and learn why it's within reach for many companies today. Continue Reading
By
- Sharon Shea, Executive Editor
Feature 06 May 2021
6 ways to spur cybersecurity board engagement

New research suggests corporate boards are paying closer attention to cybersecurity, but experts say progress is still modest and slow. Continue Reading
By
- Alissa Irei, Senior Site Editor
Guest Post 03 May 2021
Cybersecurity contingency planning needs a face-lift

Following the unexpected craziness of 2020, companies need to sit down and revamp their cybersecurity contingency plan to ensure their business continuity. Continue Reading
By
- Joe Neumann and Doug Hudson
Podcast 30 Apr 2021
Risk & Repeat: Will the Ransomware Task Force make an impact?

The Institute for Security and Technology's Ransomware Task Force published several recommendations to better address the growing security threat. Will they work? Continue Reading
By
- Rob Wright, Senior News Director
News 29 Apr 2021
Ransomware Task Force takes aim at cryptocurrencies

The Ransomware Task Force released a new report with recommendations on how to tackle the growing ransomware problem, including regulation of cryptocurrency services. Continue Reading
By
- Arielle Waldman, News Writer