Security operations and management

Cybersecurity operations and management are vital to protect enterprises against cyber threats. Learn how to create and manage infosec programs and SOCs, perform incident response and automate security processes. Also read up on security laws and regulations, best practices for CISOs and more.

Top Stories

News 29 Jan 2025
CISO enlists agentic AI reinforcements for SecOps

AI agents are already in the hands of adversaries. One aerospace CISO has begun to use them to augment his SecOps staff and even the score. Continue Reading
By
- Beth Pariseau, Senior News Writer
News 28 Jan 2025
DeepSeek claims 'malicious attacks' disrupting AI service

DeepSeek, which gained popularity recently for its AI platform, did not specify the cause of 'large-scale malicious attacks,' which continue to disrupt new account registrations. Continue Reading
By
- Alexander Culafi, Senior News Writer

Podcast 01 Jun 2021
Risk & Repeat: Security startups and trends from RSAC 2021

Analyst Carla Roncato of Enterprise Strategy Group weighs in on RSA Conference and the security startups featured during the show's Innovation Sandbox competition. Continue Reading
By
- Rob Wright, Senior News Director
Feature 28 May 2021
Inept cybersecurity education and training feed into skills gap

Learn why former infosec instructor and author of 'How Cybersecurity Really Works' advocates for changes to security education and training to alleviate the industry skills gap. Continue Reading
By
- Katie Donegan, Social Media Manager
News 27 May 2021
DHS opens valve on new pipeline security requirements

The U.S. government has put forward a trio of new cybersecurity requirements for companies that operate oil and gas pipelines, including incident reporting and risk assessment. Continue Reading
By
- Shaun Nichols
Definition 27 May 2021
National Security Agency (NSA)

The National Security Agency (NSA) is a federal government intelligence agency that is part of the United States Department of Defense and is managed under the authority of the director of national intelligence (DNI). Continue Reading
By
- Andy Patrizio
- Kathleen Richards
News 24 May 2021
Conti ransomware spree draws FBI attention

Hospitals and emergency service networks in the U.S. are at heightened risk from the new ransomware operation that disrupted Ireland's healthcare system in recent weeks. Continue Reading
By
- Shaun Nichols
News 21 May 2021
Stale sessions, ML poisoning among 2021's top security threats

An all-star security panel at RSA Conference discusses the biggest issues facing companies today and what it thinks will emerge as the top threats in the coming months. Continue Reading
By
- Shaun Nichols
Feature 21 May 2021
RSA Conference 2021: 3 hot cybersecurity trends explained

In a lightning round session at RSA Conference, ESG analysts discussed three of the hottest topics in cybersecurity in 2021: zero trust, XDR and SASE. Continue Reading
By
- Sharon Shea, Executive Editor
Feature 20 May 2021
4 ways to handle the cybersecurity skills shortage in 2021

More than half of cybersecurity pros say their organizations could do more to manage negative effects of the skills shortage, such as overwork and burnout. Find out how. Continue Reading
By
- Alissa Irei, Senior Site Editor
News 18 May 2021
Neuberger calls for shift in software supply chain security

In an RSA Conference keynote, Anne Neuberger, deputy national security advisor for cyber and emerging technology, said security requires a major "mindset shift." Continue Reading
By
- Arielle Waldman, News Writer
News 18 May 2021
5 ways bad incident response plans can help threat actors

Infosec executives from Netskope and Chipotle Mexican Grill hosted an RSA Conference session about their personal experiences and lessons learned while responding to attacks. Continue Reading
By
- Arielle Waldman, News Writer
News 18 May 2021
Sophos: 81% of attacks last year involved ransomware

The majority of incidents Sophos responded to in the last year involved ransomware. The company also found the median dwell time of attackers was 11 days. Continue Reading
By
- Alexander Culafi, Senior News Writer
Feature 17 May 2021
Cyber Defense Matrix makes sense of chaotic security market

The Cyber Defense Matrix aims to help CISOs make strategic, informed security investments that weigh cyber risk mitigation in the context of business constraints and goals. Continue Reading
By
- Alissa Irei, Senior Site Editor
News 13 May 2021
Biden signs executive order to modernize cyberdefenses

Following several high-profile attacks on the federal government, the new executive order seeks to eliminate outdated security practices and improve supply chain security. Continue Reading
By
- Arielle Waldman, News Writer
News 12 May 2021
Cyber insurance firm AXA halts coverage for ransom payments

As ransomware attacks increase across the globe and ransom payment reimbursement becomes a key issue for cyber insurers, AXA may be setting a new trend for private industries. Continue Reading
By
- Arielle Waldman, News Writer
News 07 May 2021
'Bulletproof' hosts catch RICO charges for aiding cybercriminals

Four men pleaded guilty to RICO conspiracy charges for operating a bulletproof hosting service that provided infrastructure to cybercriminals' operations. Continue Reading
By
- Shaun Nichols
Feature 07 May 2021
Despite confusion, zero-trust journey underway for many

Zero trust is a catchy phrase with seemingly lofty goals. Uncover the reality behind one of infosec's hottest buzzphrases, and learn why it's within reach for many companies today. Continue Reading
By
- Sharon Shea, Executive Editor
Feature 06 May 2021
6 ways to spur cybersecurity board engagement

New research suggests corporate boards are paying closer attention to cybersecurity, but experts say progress is still modest and slow. Continue Reading
By
- Alissa Irei, Senior Site Editor
Guest Post 03 May 2021
Cybersecurity contingency planning needs a face-lift

Following the unexpected craziness of 2020, companies need to sit down and revamp their cybersecurity contingency plan to ensure their business continuity. Continue Reading
By
- Joe Neumann and Doug Hudson
Podcast 30 Apr 2021
Risk & Repeat: Will the Ransomware Task Force make an impact?

The Institute for Security and Technology's Ransomware Task Force published several recommendations to better address the growing security threat. Will they work? Continue Reading
By
- Rob Wright, Senior News Director
News 29 Apr 2021
Ransomware Task Force takes aim at cryptocurrencies

The Ransomware Task Force released a new report with recommendations on how to tackle the growing ransomware problem, including regulation of cryptocurrency services. Continue Reading
By
- Arielle Waldman, News Writer
Podcast 15 Apr 2021
Risk & Repeat: FBI's web shell removal raises questions

The FBI accessed computers -- without the knowledge or consent of the owners -- to remove hundreds of web shells placed in vulnerable Microsoft Exchange servers. Continue Reading
By
- Rob Wright, Senior News Director
News 15 Apr 2021
Applus inspection systems still down following malware attack

Applus Technologies said it stopped a malware attack two weeks ago, but systems are still down as eight states are forced to extend vehicle inspection dates. Continue Reading
By
- Arielle Waldman, News Writer
News 14 Apr 2021
FBI removes web shells from infected Exchange servers

The DOJ announced the FBI had successfully removed hundreds of web shells from computers impacted by ProxyLogon and related Exchange Server vulnerabilities. Continue Reading
By
- Alexander Culafi, Senior News Writer
Feature 05 Apr 2021
Can a new DHS cybersecurity strategy help the private sector?

The U.S. Department of Homeland Security outlines federal plans to improve public and private cybersecurity, but analysts advise caution over strategies that can't be mandated. Continue Reading
By
- Kate Gerwig, Editorial Director
News 01 Apr 2021
Man indicted in Kansas water facility breach

While the attempted tampering of a Kansas water facility occurred more than two years ago, the Justice Department this week indicted a 22-year-old former employee. Continue Reading
By
- Arielle Waldman, News Writer
News 01 Apr 2021
CISA: U.S. agencies must scan for Exchange Server attacks

CISA has not said whether any federal agencies have been hit by Exchange Server attacks, but the directive requires them to use Microsoft's detection tools to identify threats. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 01 Apr 2021
DHS: Ransomware poses a national security threat

Ransomware is just one threat DHS Secretary Alejandro Mayorkas discusses during an RSA Conference webcast on the cybersecurity challenges facing the U.S. Continue Reading
By
- Arielle Waldman, News Writer
Feature 29 Mar 2021
Ransomware negotiations: An inside look at the process

Ransomware negotiators are brought in to communicate with cybercriminals and hopefully arrange less expensive payments. How often do they succeed? Continue Reading
By
- Rob Wright, Senior News Director
News 18 Mar 2021
FBI IC3 report's ransomware numbers are low, experts say

The FBI's Internet Crime Complaint Center reported a massive increase in financial losses from 2020 ransomware attacks, but infosec experts say the problem is worse than statistics say. Continue Reading
By
- Alexander Culafi, Senior News Writer
Feature 17 Mar 2021
Top incident response tools to boost network protection

Incident response tools can help organizations identify, prevent and respond to malware exploits, ransomware and other targeted cybersecurity attacks. Continue Reading
By
- Dave Shackleford, Voodoo Security
Guest Post 16 Mar 2021
How attackers counter incident response after a data breach

It's not over until it's over. Explore how attackers use backdoors and evasion techniques to counter incident response measures even long after a data breach is disclosed. Continue Reading
By
- Andrew Kempster
News 08 Mar 2021
McAfee sells off enterprise business for $4 billion

Less than six months after its IPO, McAfee has agreed to sell its enterprise business to private equity firm Symphony Technology Group and refocus on consumer cybersecurity. Continue Reading
By
- Rob Wright, Senior News Director
News 01 Mar 2021
Chinese threat group 'RedEcho' targeting Indian power grid

The Chinese nation-state actor's targets include 10 different Indian power sector organizations, but Recorded Future said there's no evidence RedEcho triggered blackouts. Continue Reading
By
- Alexander Culafi, Senior News Writer
Podcast 26 Feb 2021
Risk & Repeat: Inside the SolarWinds Senate hearing

This week's Senate Intelligence Committee hearing on SolarWinds tackled the attribution case against Russian state-sponsored hackers, as well as questions for AWS. Continue Reading
By
- Rob Wright, Senior News Director
News 24 Feb 2021
Senate hearing: SolarWinds evidence points to Russia

Executives from Microsoft and FireEye said that there was substantial evidence pointing to Russia's role in the SolarWinds attack and no evidence found leading anywhere else. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 24 Feb 2021
How to prevent supply chain attacks: Tips for suppliers

Every company, large and small, must assume it is a target in the supply chain. Suppliers should follow these best practices to keep themselves and their customers protected. Continue Reading
By
- Michael Cobb
News 18 Feb 2021
White House: 100 companies compromised in SolarWinds hack

The White House discussed its response to the SolarWinds attacks, which so far have compromised nine federal agencies and approximately 100 private sector companies. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 17 Feb 2021
DOJ indicts additional WannaCry conspirators

The unsealed indictments accuse three individuals of being part of a hacking group, known as APT38 or Lazarus Group, within a North Korean military intelligence agency. Continue Reading
By
- Arielle Waldman, News Writer
Feature 11 Feb 2021
4 tips for aligning security with business objectives

Today's most effective CISOs develop cybersecurity strategies that fit their organizations' risk appetites and support business growth. Learn how they do it. Continue Reading
By
- Alissa Irei, Senior Site Editor
News 28 Jan 2021
DOJ charges suspect in NetWalker ransomware attacks

The Department of Justice launched a coordinated effort to disrupt the notorious ransomware operation, which has infected healthcare organizations during the COVID-19 pandemic. Continue Reading
By
- Arielle Waldman, News Writer
News 27 Jan 2021
Emotet taken down in global law enforcement operation

Ukraine's National Police said two citizens of Ukraine face up to 12 years in prison for their role in maintaining and operating Emotet, and other suspects have been identified. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 12 Jan 2021
Capitol building breach poses cybersecurity risks

While security experts are divided on the level of risk, they agree there is a potential for threats after rioters stormed the Capitol building and ransacked offices. Continue Reading
By
- Arielle Waldman, News Writer
Feature 08 Jan 2021
2021 IT priorities require security considerations

AI, IoT and 5G are among the top IT priorities for CIOs and CTOs in 2021. Is your team prepared to address each tech's security needs? Continue Reading
By
- Sharon Shea, Executive Editor
Definition 22 Dec 2020
What is SecOps? Everything you need to know

SecOps, formed from a combination of security and IT operations staff, is a highly skilled team focused on monitoring and assessing risk and protecting corporate assets, often operating from a security operations center, or SOC. Continue Reading
By
- Sandra Gittlen
News 17 Dec 2020
CISA: SolarWinds backdoor attacks are 'ongoing'

A joint statement from the FBI, CISA and Office of the Director of National Intelligence says the SolarWinds backdoor attacks are 'ongoing' and have comprised federal agencies. Continue Reading
By
- Arielle Waldman, News Writer
News 11 Dec 2020
FBI, CISA warn of growing ransomware attacks on K-12 schools

The FBI and the Cybersecurity and Infrastructure Security Agency warned that cyber attacks targeting K-12 schools are expected to continue through the 2020 - 2021 school year. Continue Reading
By
- Alexander Culafi, Senior News Writer
Guest Post 11 Dec 2020
3 reasons why CISOs should collaborate more with CFOs

C-suite may not always understand ROI of security efforts, which is why Nabil Hannan suggests that CISOs work more closely with CFOs to learn how to best communicate security's value. Continue Reading
By
- Nabil Hannan
Tip 11 Dec 2020
Building an effective security operations center framework

An effective security operations center framework combines monitoring and analysis platforms and threat intelligence services to help organizations respond to risks quickly. Continue Reading
By
- Johna Till Johnson, Nemertes Research
News 07 Dec 2020
Russian state-sponsored hackers exploit VMware vulnerability

The NSA issued a cybersecurity advisory warning government agencies to mitigate as soon as possible, as the vulnerability was disclosed and patched last week. Continue Reading
By
- Arielle Waldman, News Writer
Feature 04 Dec 2020
7 SecOps roles and responsibilities for the modern enterprise

Now hiring: As organizations increasingly favor proactive cyber threat hunting and detection over bare-bones prevention, SecOps roles and responsibilities are shifting, too. Continue Reading
By
- Alissa Irei, Senior Site Editor
News 01 Dec 2020
Ransomware attack shuts down Baltimore County schools

Ransomware incapacitated Baltimore County Public Schools' network just before Thanksgiving, but the school system said students' Chromebooks and Google accounts were not impacted. Continue Reading
By
- Arielle Waldman, News Writer
Tip 25 Nov 2020
8 benefits of a security operations center

A security operations center can help lessen the fallout of a data breach, but its business benefits go much further than that. Here are eight SOC benefits to consider. Continue Reading
By
- Sharon Shea, Executive Editor
Tip 23 Nov 2020
10 tips for building a next-generation SOC

Check out 10 tips to help build a next-generation security operations center with the integrated tools to free security analysts to get ahead of and respond to threats fast. Continue Reading
By
- Johna Till Johnson, Nemertes Research
Tip 20 Nov 2020
Pair cyber insurance, risk mitigation to manage cyber-risk

The role of cyber insurance may come after a breach, but it remains a useful element in an organization's vulnerability management strategy. Continue Reading
By
- Paul Kirvan
Tip 20 Nov 2020
Cyber insurance explained, from selection to post-purchase

Before you sign on the dotted line, make sure you understand what cyber insurance can and can't do -- and what type of policy will do the most for you. Continue Reading
By
- Sherri Davidoff, LMG Security
Podcast 20 Nov 2020
Risk & Repeat: Christopher Krebs out as CISA director

This week's Risk & Repeat podcast discusses President Trump's firing of CISA Director Christopher Krebs, which was a controversial move in the infosec community. Continue Reading
By
- Rob Wright, Senior News Director
News 19 Nov 2020
White House questions election security; experts do not

A number of infosec experts, election officials and government agencies say Election Day was free from hacking and cyber attacks, but the White House disagrees. Continue Reading
By
- Arielle Waldman, News Writer
News 18 Nov 2020
President Trump fires CISA director Christopher Krebs

President Trump fired Krebs as director of CISA after the agency pushed back on unfounded accusations about widespread voter fraud and voting system hacks during the election. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 11 Nov 2020
Palo Alto Networks buys Expanse for $800 million

Palo Alto Networks continued its acquisition spree with an agreement to purchase San Francisco-based security vendor Expanse, which specializes in attack surface management. Continue Reading
By
- Rob Wright, Senior News Director
Tip 11 Nov 2020
Note these 5 security operations center best practices

Understanding the five steps needed to ensure security operations center best practices will help organizations decide whether to outsource their SOC initiatives. Continue Reading
By
- Johna Till Johnson, Nemertes Research
News 09 Nov 2020
CISA: No election hacking, but plenty of misinformation

Election Day in the U.S. occurred with no evidence of cyber attacks or voting machine hacks, but CISA has its hands full with disinformation and conspiracy theories. Continue Reading
By
- Arielle Waldman, News Writer
- Alexander Culafi, Senior News Writer
Feature 04 Nov 2020
Cybersecurity communication key to addressing risk

As security teams strengthen communication with the overall organization as well as with vendors, more positive cybersecurity cultures can be forged. Continue Reading
By
- Michael Heller, TechTarget
Tip 30 Oct 2020
Benefits of virtual SOCs: Enterprise-run vs. fully managed

A virtual security operations center, be it managed in-house or by a third party, is becoming an increasingly popular option to save money and improve reliability. Continue Reading
By
- Ashwin Krishnan, StandOutin90Sec
Tip 30 Oct 2020
Security automation tools and analytics reshape SecOps efforts

To transition from being reactive to proactive in terms of cybersecurity threats, check out how SecOps teams can use security analytics and automation tools to make the change. Continue Reading
By
- Johna Till Johnson, Nemertes Research
News 21 Oct 2020
NSA issues advisory against Chinese state-sponsored hackers

Among the 25 vulnerabilities listed in the NSA advisory, numerous were critical and carried a CVSS score either at or close to 10, the highest possible. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 21 Oct 2020
Evaluating SOC automation benefits and limitations

Security operations center automation can help address the security skills gap by scaling critical analyst responsibilities. But an overreliance on AI introduces other risks. Continue Reading
By
- Jessica Groopman, Kaleido Insights
News 20 Oct 2020
After a brief pause, Trickbot rebounds from takedown efforts

Attempts to disrupt the notorious Trickbot botnet, most recently through Microsoft's legal takedown, have proven short-lived as ransomware attacks have resumed. Continue Reading
By
- Arielle Waldman, News Writer
Feature 14 Oct 2020
Blockchain or bust? Experts debate applications for elections

Blockchain has been proposed as a solution for security issues around e-voting. But some infosec experts are skeptical that the technology is the right fit for U.S. elections. Continue Reading
By
- Rob Wright, Senior News Director
News 13 Oct 2020
Trickbot takedown: Will it make a dent in ransomware attacks?

A court order allowed Microsoft and several partners to take down the Trickbot botnet, which is commonly used to deploy ransomware, but it's unclear how long the impact will last. Continue Reading
By
- Arielle Waldman, News Writer
News 12 Oct 2020
Hackers exploit Netlogon flaw to attack government networks

CISA issued an alert stating those government networks that were targeted by the APT were close to election systems and the activity may pose some risk to those systems. Continue Reading
By
- Arielle Waldman, News Writer
News 07 Oct 2020
Ping acquires blockchain identity startup ShoCard

Ping accelerated its push into the personal identity management market with the acquisition of ShoCard, which uses a blockchain-based platform to manage consumer identities. Continue Reading
By
- Rob Wright, Senior News Director
News 05 Oct 2020
Surge in ransomware attacks threatens student data

Ransomware attacks are not the only threats facing K-12 schools during the COVID-19 pandemic. Cybercriminals are stealing and exposing students' personal data as well. Continue Reading
By
- Arielle Waldman, News Writer
Guest Post 01 Oct 2020
3 common election security vulnerabilities pros should know

Election security remains top of mind for many right now, with Nabil Hannan discussing vulnerabilities like remote breaches, new attack surfaces and poor current controls. Continue Reading
By
- Nabil Hannan
News 28 Sep 2020
Ivanti makes double acquisition of MobileIron, Pulse Secure

Ivanti will acquire all outstanding shares of MobileIron stock for approximately $872 million. The financial terms of Pulse Secure's acquisition were not disclosed. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 23 Sep 2020
7 SOC automation use cases to augment security operations

Implementing SOC automation can have far-reaching benefits for an organization's infosec program and security culture. Learn how by exploring these seven use cases of AI in SOCs. Continue Reading
By
- Jessica Groopman, Kaleido Insights
News 23 Sep 2020
FBI: Disinformation attacks on election results 'likely'

Foreign threat actors and cybercriminals are "likely" to spread disinformation around 2020 election results through social media and also alter election-related websites. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 23 Sep 2020
5 key enterprise SOC team roles and responsibilities

Review the key players in the 2020 SOC and their specific responsibilities, as well as best practices to ensure effective teamwork for a secure organization. Continue Reading
By
- Ashwin Krishnan, StandOutin90Sec
News 21 Sep 2020
Cyber attacks on schools increasing amid remote learning shift

The pandemic forced schools to make a quick transition to remote learning with little resources and weak security postures, and threat actors have increased their attacks. Continue Reading
By
- Arielle Waldman, News Writer
News 16 Sep 2020
Gartner: Securing remote workforce a top priority

In a COVID-19 pandemic world with new security threats and risks emerging, Gartner analysts discussed the urgency of securing access and devices for remote employees. Continue Reading
By
- Arielle Waldman, News Writer
News 10 Sep 2020
Disinformation, mail-in ballots top election security concerns

While there have been no major cyberattacks this election season, threat actors are waging disinformation campaigns around hot-button issues like mail-in ballots. Continue Reading
By
- Arielle Waldman, News Writer
Video 26 Aug 2020
AI security concerns keeping infosec leaders up at night

Conversations about 'AI as a solution' may overlook potentially grave AI security issues. Explore the potential infosec implications of the emerging technology in this video. Continue Reading
By
- Katie Donegan, Social Media Manager
Feature 17 Aug 2020
How to handle Amazon S3 bucket pen testing complexity

Security researcher Benjamin Caudill shares details from his book, 'Hands-On AWS Penetration Testing with Kali Linux,' and advice on Amazon S3 bucket pen testing for ethical hackers. Continue Reading
By
- Katie Donegan, Social Media Manager
Podcast 14 Aug 2020
Risk & Repeat: Black Hat 2020 highlights

This week's Risk & Repeat podcast recaps Black Hat USA 2020 and discusses some of the best sessions, worst vulnerabilities and the overall virtual conference experience. Continue Reading
By
- Rob Wright, Senior News Director
Guest Post 13 Aug 2020
How security champions can help, despite working remotely

By effectively using collaboration tools, security champions can still spread a company's security message even as most offices stay closed and employees work remotely. Continue Reading
By
- Dan Cornell
News 06 Aug 2020
CISA chief: Ransomware could threaten election security

During a Black Hat USA 2020 session, CISA Chief Christopher Krebs said ransomware attacks on city, state and local governments are a major concern for election security. Continue Reading
By
- Arielle Waldman, News Writer
News 05 Aug 2020
Matt Blaze warns of election security challenges amid COVID-19

In his Black Hat USA 2020 keynote, security researcher Matt Blaze discussed the challenges facing U.S. elections this year and what must be done to solve them. Continue Reading
By
- Rob Wright, Senior News Director
Tip 20 Jul 2020
Post-pandemic cybersecurity: Lessons learned

Pandemic lockdowns provided companies with valuable cybersecurity experience. Here's how to make sure post-pandemic cybersecurity operations are prepared for a second wave. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
News 15 Jul 2020
Advent, Forescout bury the hatchet with new acquisition deal

Despite an ugly legal dispute and allegations of channel stuffing, Advent International and Forescout Technologies are moving forward with an amended acquisition agreement. Continue Reading
By
- Rob Wright, Senior News Director
Tip 15 Jul 2020
To face modern threats, using AI for cybersecurity a necessity

As cyberattacks grow in complexity, using AI for cybersecurity is required to stay ahead of threats. Here's how to integrate AI into security processes and avoid potential risk. Continue Reading
By
- Andrew Froehlich, West Gate Networks
Feature 02 Jul 2020
Interconnected critical infrastructure increases cybersecurity risk

Separately managed but interconnected critical infrastructure sectors are not all bound to security requirements and may be at risk of cascading attacks. Continue Reading
By
- Michael Heller, TechTarget
Tip 30 Jun 2020
3 must-ask post-pandemic questions for CISOs

The worldwide health pandemic has created multiple challenges for today's CISOs and their security teams. Ask these three questions to stay safe in a post-pandemic workplace. Continue Reading
By
- Jessica Groopman, Kaleido Insights
Podcast 19 Jun 2020
Risk & Repeat: Vault 7 report slams CIA security practices

This week's Risk & Repeat podcast discusses the CIA's internal task force report on the Vault 7 leak, which blasted the agency for a variety of serious security lapses. Continue Reading
By
- Rob Wright, Senior News Director
News 16 Jun 2020
CIA unaware of Vault 7 theft until WikiLeaks dump

An internal CIA report from the Wikileaks Task Force blasted the agency over the leak of the Vault 7 cyberweapons, which exposed dangerous hacking tools and vulnerabilities. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 16 Jun 2020
Unpack the use of AI in cybersecurity, plus pros and cons

The use of AI in cybersecurity is now under renewed scrutiny as its popularity rises. Discover the pros and cons of machine learning and AI for incident response. Continue Reading
By
- Peter Sullivan
Tip 27 May 2020
Top 6 cloud security analytics use cases

Security analytics use cases vary from fraud detection to threat intelligence analysis. Learn how deploying this technology in the cloud can improve enterprise infosec programs. Continue Reading
By
- Dave Shackleford, Voodoo Security
Podcast 22 May 2020
Risk & Repeat: When will mobile voting be ready?

This week's Risk & Repeat podcast examines the rise of mobile voting apps and how security experts have expressed concerns about the risks deploying the technology for elections. Continue Reading
By
- Rob Wright, Senior News Director
News 20 May 2020
Forescout sues Advent for calling off acquisition

Forescout Technologies filed a lawsuit against Advent International, claiming the private equity firm violated the terms of its $1.9 billion acquisition agreement. Continue Reading
By
- Arielle Waldman, News Writer
Tip 19 May 2020
Top 2 post-COVID-19 CISO priorities changing in 2020

CISO priorities for 2020 were upended when the COVID-19 pandemic hit. Learn two ways forward-thinking CISOs are planning to deal with the new normal. Continue Reading
By
- Ashwin Krishnan, StandOutin90Sec
Podcast 15 May 2020
Risk & Repeat: Black Hat, DEF CON canceled

This week's Risk & Repeat podcast looks at the recent cancellations of Black Hat USA 2020 and DEF CON 28 and what their virtual replacements will try to accomplish. Continue Reading
By
- Rob Wright, Senior News Director
Feature 15 May 2020
Advance your security operations center with AI

Powering a security operations center with AI systems not only automates tasks, but also complements admins' efforts to more effectively combat threats and transform processes. Continue Reading
By
- Sharon Shea, Executive Editor