Latest

Governance & Risk Management

SMBs! Forget Retainer-based Security Assessments: Demand Funded POCs

Adam Mansour  •  September 8, 2022

A new delivery model is surfacing for various assessment services - one that is going to be bad for SMBs, whose options were already limited.

3rd Party Risk Management

The Key To Compliance? Third-Party Management

Tori Taylor  •  August 30, 2022

They’re necessary contributors to the business ecosystem, but there’s risk associated with third-party remote access, including bad actors lurking around every access point.

Next-Generation Technologies & Secure Development

The Value of Digital Transformation

Andrew Stevens  •  August 30, 2022

With the increase in remote workers and proliferation of uncontrolled devices, your IT team has been migrating applications to the cloud along with building cloud-native applications to support the speed needed by the business.

►

Cybercrime

'Unintended Consequences': Post-GDPR Whois Access Problems

Mathew J. Schwartz  •  August 22, 2022

Domain name registrars track domain name owners via "whois" data, which is a crucial tool for investigators combating cybercrime. But Kroll's Alan Brill says that since the EU General Data Protection Regulation went into effect, many registrars no longer publicly share such information, and that's a problem.

Fraud Management & Cybercrime

Evolving Ransomware Threats on Healthcare

Adam Mansour  •  August 22, 2022

While healthcare as an industry is being most targeted by ransomware, health or medical clinics are by far the hardest hit.

Breach Notification

Lack of Access Management Is Causing Data Breaches

Isa Jones  •  August 18, 2022

The costs of hacks are rising, the amount of ransomware is rising, and the number of organizations that have been breached will also rise unless organizations take action.

Next-Generation Technologies & Secure Development

How Code Hardening Enables Mobile App Developers to Meet OWASP MASVS Recommendations

Guardsquare  •  August 17, 2022

Why have attacks from rogue mobile apps grown by 49% in Q3?

Endpoint Detection & Response (EDR)

MDR vs Managed EDR: The Two Meanings of Managed

Adam Mansour  •  August 10, 2022

While Managed EDR can help in many endpoint scenarios, it’s important to be aware that going beyond the endpoint allows MDR and extended detection and response (XDR) to offer broader cybersecurity coverage.

Cloud Security

Netskope Expands Into Cloud Networking With Infiot Purchase

Michael Novinson  •  August 2, 2022

With its acquisition of Infiot, Netskope now carries both the networking and security technology needed to build a Secure Access Service Edge architecture following. The acquisition of Infiot's platform will allow Netskope customers to address both traditional and emerging SD-WAN use cases.

►

Endpoint Security

Profiles in Leadership: Sean Mack

Mathew J. Schwartz  •  July 25, 2022

Exploring new ways to offer security as a service from his organization to external customers is an exciting challenge and opportunity, says Sean Mack, CIO and CISO of publishing company Wiley. He also discusses aligning security investments with the company's biggest business risks and goals.

Access Management

Thales Buys OneWelcome for $101.6M to Enter CIAM Market

Michael Novinson  •  July 18, 2022

Thales plans to enter the customer identity and access management market through its purchase of an emerging European CIAM player. The French firm plans to capitalize on OneWelcome's strong product by extending its footprint beyond Europe and into North America and Asia-Pacific.

Access Management

How Machine Learning Is Changing Access Monitoring

Isa Jones  •  July 5, 2022

As this technology is automated, it can also scan more accesses because a new rule doesn’t need to be created for each access. You can jump from a 1% audit rate to a 99% audit rate.