Expert analysis

EU Cybersecurity Act 2.0: When good regulation goes bad

2026-06-16 at 08:30, by Help Net Security

Over recent years we’ve witnessed the EU becoming increasingly serious about cybersecurity. After years of watching high profile breaches, many resulting from supply chain attacks targeting our critical infrastructure, that seriousness is welcome. But good intentions and good policy […]

How to use NIST and ISO frameworks to govern AI agents

2026-06-12 at 11:07, by Help Net Security

Security leaders no longer need convincing that AI agents introduce risk. What’s missing is how to govern them once they move into production and begin operating autonomously across enterprise environments. AI agents already read sensitive documents, invoke

The architecture of subtraction: Why it’s time to erase the roads, not just map the traffic

2026-06-09 at 09:42, by Help Net Security

The advent of AI-assisted vulnerability discovery and autonomous exploit development has brought about a new age in cybersecurity—one in which we can no longer rely on patching as a primary defense mechanism.

June 2026 Patch Tuesday forecast: Where are the CVEs?

2026-06-05 at 10:16, by Help Net Security

My forecast from last month was only partly right. After the Anthropic Mythos announcements and the deluge of newly discovered vulnerabilities from vendors like Mozilla, Microsoft’s updates were standard fare, 65 CVEs reported in Windows 11 and 58 in

The modern-day business can learn a lot about risk from this year’s mega events

2026-06-04 at 13:17, by Help Net Security

Every year brings its share of global events, but 2026 is proving to be a banner year for mega-scale entertainment. The year got off to a roaring start with the Winter Olympics, and now

Attackers already know the secrets are on your developers’ machines. Do you?

2026-06-04 at 09:26, by Help Net Security

In a recent GitGuardian analysis, an average of 150 secrets were found on a sample of developer endpoints. Private keys accounted for 38% of unique secrets, while cloud, identity provider, and secret management credentials (AWS IAM,

From critical to controlled: Cutting vulnerabilities in a live manufacturing environment

2026-06-04 at 09:26, by Help Net Security

A vulnerability scanner flags a critical CVSS 10 vulnerability on an industrial asset. The report lands in the boss’ inbox and now he wants to know why we’re sitting on a critical vulnerability. In a normal IT

Why you need BAS and autonomous pentesting together

2026-06-02 at 09:09, by Help Net Security

Most security teams know the drill: A new autonomous penetration testing tool gets deployed, and the first run is genuinely impressive. The dashboard surfaces critical findings, maps lateral movement paths nobody had documented before, and exposes a legacy service account

Manage machine identities: The hidden privileged access layer you need to manage

2026-05-26 at 08:37, by Help Net Security

Why are machine identities becoming the majority of “things with access”? Every automation, integration, and workload needs a way to authenticate and the right permissions to act. That quiet requirement has created a massive population of

Lessons for organizations from the Verizon 2026 Data Breach Investigations Report

2026-05-25 at 08:59, by Help Net Security

This is my favourite time of the year, not just because spring is here and the promise of summer is on the way. But also, because one of my must reads each year gets published. There are

7 hard truths security pros should know: 2026 DevOps Threats Report

2026-05-20 at 09:34, by Help Net Security

In 2025, trusted Git hosting platforms became a playground for cyber criminals. This is the main conclusion from the latest “DevOps Threat Unwrapped Report 2026” by GitProtect. If you want to effectively counter attacks targeted at your

Your IAM was built for humans, AI agents don’t care

2026-04-27 at 11:18, by Help Net Security

Identity and access management was built for a simpler world. One where the hardest problem was a human logging in, and where “Who are you?” was sufficient to decide what someone could do. That model served enterprises well

What the EU AI Act requires for AI agent logging

2026-04-16 at 09:02, by Help Net Security

The EU AI Act is 144 pages long. The logging requirements that matter for AI agent developers sit across four articles that keep referencing each other. Here’s what they say, when the deadlines hit, and where the gaps

29 million leaked secrets in 2025: Why AI agents credentials are out of control

2026-04-14 at 08:11, by Help Net Security

AI agents need credentials to work. They authenticate with LLM platforms, connect to databases, call SaaS APIs, access cloud resources, and orchestrate across dozens of external services. Every integration point requires an identity. Most

April 2026 Patch Tuesday forecast: Spring-cleaning of a preview

2026-04-10 at 10:37, by Help Net Security

I just blinked and the first quarter of the year is GONE. Where does the time go? I looked back at my article from last month where I touched on the use of AI and some of the vulnerabilities

Why I’m done calling humans the weakest link

2026-03-31 at 11:22, by Help Net Security

Cybersecurity has long suffered from a people problem, but not in the way we often hear about. As an industry that is based on enabling communication across the globe via the internet and many types of devices, many of us practitioners

Why risk alone doesn’t get you to yes

2026-03-30 at 09:29, by Help Net Security

I have been in security rooms for years, from military operations centers to corporate boardrooms. In all those years I can tell you that the hardest mission that most security leaders will face is not identifying a threat, but getting

Does Anthropic deserve the trust of the cybersecurity community?

2026-03-12 at 08:35, by Help Net Security

The cybersecurity industry runs on trust. The belief that when a vendor says they will behave a certain way, they will, that critical CVEs are in fact critical, or when companies say they’re GDPR compliant, they really are. But

March 2026 Patch Tuesday forecast: Is AI security an oxymoron?

2026-03-06 at 10:47, by Help Net Security

Developers and analysts are using more AI tools to produce code and to test both the performance and security of the finished products. They are also embedding AI functionality in their products directly. But just how secure are

February 2026 Patch Tuesday forecast: Lots of OOB love this month

2026-02-06 at 09:54, by Help Net Security

Valentine’s Day is just around the corner and Microsoft has been giving us a lot of love with a non-stop supply of patches starting with January 2026 Patch Tuesday. The January releases addressed 92 vulnerabilities in Windows
