Review: Data Engineering for Cybersecurity 2025-08-18 at 08:12 By Mirko Zorz Data Engineering for Cybersecurity sets out to bridge a gap many security teams encounter: knowing what to do with the flood of logs, events, and telemetry they collect. About the author James Bonifield has a decade of experience analyzing malicious activity, implementing data pipelines, […]
Review: Data Engineering for Cybersecurity Read More »
Weak alerting and slipping prevention raise risk levels for CISOs 2025-08-18 at 07:47 By Mirko Zorz Prevention effectiveness is falling, detection gaps remain wide, and attackers are exploiting weaknesses in data protection and credentials. Data theft prevention has dropped to 3 percent, password cracking success rates have nearly doubled, and new threat groups are bypassing
Weak alerting and slipping prevention raise risk levels for CISOs Read More »
Bridging the AI model governance gap: Key findings for CISOs 2025-08-18 at 07:47 By Anamarija Pogorelec While most organizations understand the need for strong AI model governance, many are still struggling to close gaps that could slow adoption and increase risk. The findings of a new Anaconda survey of more than 300 AI practitioners and
Bridging the AI model governance gap: Key findings for CISOs Read More »
How military leadership prepares veterans for cybersecurity success 2025-08-15 at 09:47 By Mirko Zorz In this Help Net Security interview, Warren O’Driscoll, Head of Security Practice at NTT DATA UK and Ireland, discusses how military leadership training equips veterans with the mindset, resilience, and strategic thinking needed to excel in cybersecurity. Drawing on habits such
How military leadership prepares veterans for cybersecurity success Read More »
Cyber insurance market shows early signs of maturity 2025-08-15 at 09:06 By Sinisa Markovic The cyber insurance market is entering a new phase of evolution and showing early signs of maturity, according to recent research from Arctic Wolf. Brokers and carriers are taking on different but connected roles to help customers get policies. Brokers advise
Cyber insurance market shows early signs of maturity Read More »
Employees race to build custom AI apps despite security risks 2025-08-15 at 07:37 By Help Net Security The latest Netskope findings show a 50% increase in GenAI platform usage among enterprise end-users, driven by growing employee demand for tools to develop custom AI applications and agents. Top LLM interfaces by percentage in organizations (source: Netskope)
Employees race to build custom AI apps despite security risks Read More »
AI security governance converts disorder into deliberate innovation 2025-08-14 at 09:16 By Help Net Security AI security governance provides a stable compass, channeling efforts and transforming AI from an experimental tool to a reliable, enterprise-class solution. With adequate governance built at the center of AI efforts, business leaders can shape AI plans with intention, while
AI security governance converts disorder into deliberate innovation Read More »
The top CTEM platforms you should know in 2025 2025-08-14 at 08:02 By Help Net Security Continuous Threat Exposure Management (CTEM) is a modern cybersecurity strategy originally coined by Gartner analysts, which focuses on identifying, prioritizing, validating, and mobilizing teams to reduce threat exposure across an organization’s full attack surface. It’s in a category of
The top CTEM platforms you should know in 2025 Read More »
AWS CISO explains how cloud-native security scales with your business 2025-08-13 at 09:01 By Mirko Zorz In this Help Net Security interview, Amy Herzog, CISO at AWS, discusses how cloud-native security enables scalable, flexible protection that aligns with how teams build in the cloud. She explains the Shared Responsibility Model and the tools and processes
AWS CISO explains how cloud-native security scales with your business Read More »
Global OT cyber risk could top $329 billion, new report warns 2025-08-13 at 07:36 By Anamarija Pogorelec A new study from Dragos and Marsh McLennan puts hard numbers on the global financial risk tied to OT cyber incidents. The 2025 OT Security Financial Risk Report estimates that the most extreme scenarios could place more than
Global OT cyber risk could top $329 billion, new report warns Read More »
CISOs face a complex tangle of tools, threats, and AI uncertainty 2025-08-13 at 07:02 By Anamarija Pogorelec Most organizations are juggling too many tools, struggling with security blind spots, and rushing into AI adoption without governance, according to JumpCloud. he average organization now uses more than nine tools to manage core IT functions. That is
CISOs face a complex tangle of tools, threats, and AI uncertainty Read More »
APT groups are getting personal, and CISOs should be concerned 2025-08-12 at 14:42 By Mirko Zorz Instead of focusing only on corporate systems, some APT groups are now going after executives in their personal lives. Home networks, private devices, and even family members have become targets. This approach works because executives often work remotely, store
APT groups are getting personal, and CISOs should be concerned Read More »
EntraGoat: Vulnerable Microsoft Entra ID infrastructure to simulate identity security misconfigurations 2025-08-12 at 08:01 By Help Net Security EntraGoat is a purpose-built tool that sets up a vulnerable Microsoft Entra ID environment to mimic real-world identity security issues. It’s designed to help security professionals practice spotting and exploiting common misconfigurations. The tool creates a range
Why DNS threats should be on every CISO’s radar in 2025 2025-08-12 at 07:32 By Sinisa Markovic DNS is once again in the crosshairs of threat actors. According to the 2025 DNS Threat Landscape Report by Infoblox, attackers are changing tactics, and enterprises are feeling the pressure. The report shows that DNS is being used
Why DNS threats should be on every CISO’s radar in 2025 Read More »
What the Matter 1.4.2 update means for smart home security 2025-08-11 at 18:28 By Anamarija Pogorelec Matter is built on the idea that smart home devices should be secure, reliable, and easy to use. It is based on Internet Protocol (IP), which allows devices, mobile apps, and cloud services to communicate. Matter also defines a
What the Matter 1.4.2 update means for smart home security Read More »
WinRAR zero day exploited by RomCom hackers in targeted attacks 2025-08-11 at 12:55 By Sinisa Markovic ESET researchers have discovered a previously unknown vulnerability in WinRAR, exploited in the wild by Russia-aligned group RomCom. If you use WinRAR or related components such as the Windows versions of its command line tools, UnRAR.dll, or the portable
WinRAR zero day exploited by RomCom hackers in targeted attacks Read More »
How Brandolini’s law informs our everyday infosec reality 2025-08-11 at 09:00 By Help Net Security Brandolini’s law, also known as the “bullshit asymmetry principle”, is simple but devastating: “The amount of energy needed to refute bullshit is an order of magnitude bigger than to produce it.” While it’s often thrown around in political debates and
How Brandolini’s law informs our everyday infosec reality Read More »
From legacy to SaaS: Why complexity is the enemy of enterprise security 2025-08-11 at 08:32 By Mirko Zorz In this Help Net Security interview, Robert Buljevic, Technology Consultant at Bridge IT, discusses how the coexistence of legacy systems and SaaS applications is changing the way organizations approach security. He explains why finding the right balance
From legacy to SaaS: Why complexity is the enemy of enterprise security Read More »
Pentesting is now central to CISO strategy 2025-08-11 at 07:36 By Anamarija Pogorelec Security leaders are rethinking their approach to cybersecurity as digital supply chains expand and generative AI becomes embedded in critical systems. A recent survey of 225 security leaders conducted by Emerald Research found that 68% are concerned about the risks posed by
Pentesting is now central to CISO strategy Read More »
Breaches are up, budgets are too, so why isn’t healthcare safer? 2025-08-11 at 07:11 By Sinisa Markovic A new report from Resilience outlines a growing cyber crisis in the U.S. healthcare sector, where ransomware attacks, vendor compromise, and human error continue to cause widespread disruption. In 2023, breaches exposed 168 million records, and the first
Breaches are up, budgets are too, so why isn’t healthcare safer? Read More »