Expert analysis

ChatGPTriage: How can CISOs see and control employees’ AI use?

Artificial Intelligence, ChatGPT, CISO, Compliance, cybersecurity, Don't miss, Expert analysis, Expert corner, generative AI, Hot stuff, News, opinion, Privacy, WitnessAI /

ChatGPTriage: How can CISOs see and control employees’ AI use? 2024-07-16 at 08:01 By Help Net Security It’s been less than 18 months since the public introduction of ChatGPT, which gained 100 million users in less than two months. Given the hype, you would expect enterprise adoption of generative AI to be significant, but it’s […]

React to this headline:

Loading spinner

ChatGPTriage: How can CISOs see and control employees’ AI use? Read More »

Risk related to non-human identities: Believe the hype, reject the FUD

access control, credentials, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, identity, identity management, News, opinion, Sweet Security /

Risk related to non-human identities: Believe the hype, reject the FUD 2024-07-15 at 08:01 By Help Net Security The hype surrounding unmanaged and exposed non-human identities (NHIs), or machine-to-machine credentials – such as service accounts, system accounts, certificates and API keys – has recently skyrocketed. A steady stream of NHI-related breaches is causing some of

React to this headline:

Loading spinner

Risk related to non-human identities: Believe the hype, reject the FUD Read More »

How to design a third-party risk management framework

Beaconer, Compliance, cybersecurity, Don't miss, Expert analysis, Expert corner, framework, Hot stuff, Incident Response, News, opinion, Risk Management, security controls /

How to design a third-party risk management framework 2024-07-12 at 07:31 By Help Net Security Most organizations focus on securing routers, servers, firewalls, and other endpoints, but threats can also arise from unfamiliar sources such as third-party networks, which can be used by hackers to attack an organization. Through a strong TPRM framework, companies gain

React to this headline:

Loading spinner

How to design a third-party risk management framework Read More »

How AI helps decode cybercriminal strategies

Artificial Intelligence, cybercriminals, cybersecurity, dark web, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, Searchlight Cyber, threat, Threat Intelligence /

How AI helps decode cybercriminal strategies 2024-07-11 at 07:32 By Help Net Security With terms like “AI washing” making their way into mainstream business consciousness, the hype surrounding AI is making it harder to differentiate between the true applications and empty promises of the technology. The quest for tangible business benefits is in full swing,

React to this headline:

Loading spinner

How AI helps decode cybercriminal strategies Read More »

Diversifying cyber teams to tackle complex threats

CAPSLOCK, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, skill development /

Diversifying cyber teams to tackle complex threats 2024-07-10 at 08:01 By Help Net Security Technologies such as GenAI, ML and IoT are giving threat actors new tools that make it easier to target consumers and organizations. From Savvy Seahorse which lures victims into investment scams, to a self-replicating AI worm that uses the likes of

React to this headline:

Loading spinner

Diversifying cyber teams to tackle complex threats Read More »

Microsoft’s cybersecurity dilemma: An open letter to Satya Nadella

attacks, Compliance, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Mercury Risk And Compliance, News, opinion, regulation, risk, strategy /

Microsoft’s cybersecurity dilemma: An open letter to Satya Nadella 2024-07-09 at 07:31 By Help Net Security Microsoft is suffering cybersecurity failures due to systemic problems with strategic leadership. The world is witnessing an alarming trend of cybersecurity issues with Microsoft products and services. Over the past several years, Microsoft has suffered several serious attacks with

React to this headline:

Loading spinner

Microsoft’s cybersecurity dilemma: An open letter to Satya Nadella Read More »

July 2024 Patch Tuesday forecast: The end of an AV giant in the US

Expert analysis, Microsoft, News, opinion, Patch Tuesday, predictions /

July 2024 Patch Tuesday forecast: The end of an AV giant in the US 2024-07-08 at 07:31 By Mirko Zorz The US celebrated Independence Day last week, providing many with a long weekend leading into patch week. With summer vacations underway, many developers must be out of the office because June was fairly quiet regarding

React to this headline:

Loading spinner

July 2024 Patch Tuesday forecast: The end of an AV giant in the US Read More »

The impossibility of “getting ahead” in cyber defense

Artificial Intelligence, Blancco Technology Group, cyber resilience, cyberattacks, cybersecurity, Don't miss, Expert analysis, Expert corner, generative AI, Hot stuff, News, opinion /

The impossibility of “getting ahead” in cyber defense 2024-07-02 at 07:01 By Help Net Security As a security professional, it can be tempting to believe that with sufficient resources we can achieve of state of parity, or even relative dominance, over cyber attackers. After all, if we got to an ideal state – fully staffed

React to this headline:

Loading spinner

The impossibility of “getting ahead” in cyber defense Read More »

Preparing for Q-Day as NIST nears approval of PQC standards

CISO, cybersecurity, data security, Don't miss, Encryption, Expert analysis, Expert corner, Hot stuff, Lastwall, News, opinion, quantum computing, standards, threats /

Preparing for Q-Day as NIST nears approval of PQC standards 2024-07-01 at 06:32 By Help Net Security Q-Day—the day when a cryptographically relevant quantum computer can break most forms of modern encryption—is fast approaching, leaving the complex systems our societies rely on vulnerable to a new wave of cyberattacks. While estimates just a few years

React to this headline:

Loading spinner

Preparing for Q-Day as NIST nears approval of PQC standards Read More »

Why are threat actors faking data breaches?

Cato Networks, cybersecurity, dark web, data breach, Don't miss, Expert analysis, Expert corner, generative AI, Hot stuff, monitoring, News, opinion /

Why are threat actors faking data breaches? 2024-06-24 at 07:16 By Help Net Security Earlier this year Europcar discovered a hacker selling info on its 50 million customers on the dark web. The European car rental company immediately launched an investigation, only to discover that the data being sold was completely doctored, possibly using generative

React to this headline:

Loading spinner

Why are threat actors faking data breaches? Read More »

How to create your cybersecurity “Google Maps”: A step-by-step guide for security teams

Compliance, cybersecurity, Don't miss, Expert analysis, Expert corner, Gutsy, Hot stuff, News, opinion, tips, vulnerability management /

How to create your cybersecurity “Google Maps”: A step-by-step guide for security teams 2024-06-18 at 08:01 By Help Net Security Cybersecurity isn’t just about firewalls and antivirus. It’s about understanding how your defenses, people, and processes work together. Just like Google Maps revolutionized navigation, process mapping can revolutionize how you understand and manage your security

React to this headline:

Loading spinner

How to create your cybersecurity “Google Maps”: A step-by-step guide for security teams Read More »

Low code, high stakes: Addressing SQL injection

Application Security, attacks, CISO, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, human error, News, Nokod Security, opinion, software development, SQL injection /

Low code, high stakes: Addressing SQL injection 2024-06-17 at 08:01 By Help Net Security Like a bad movie that seems to go on forever, SQL injection (SQLi) attacks have lingered since the late 1990s. Due to various factors, they remain the third most common source of web application vulnerabilities. Reasons include human error, new technologies

React to this headline:

Loading spinner

Low code, high stakes: Addressing SQL injection Read More »

Modern fraud detection need not rely on PII

cybercrime, cybersecurity, Darwinium, Don't miss, Expert analysis, fraud, Hot stuff, News, opinion, threats /

Modern fraud detection need not rely on PII 2024-06-14 at 07:32 By Help Net Security Trends in online fraud detection often act as the canary in the coal mine when it comes to understanding and combating the next generation of online scams, fraud and cybersecurity threats. These days, security and fraud experts worry that insufficient

React to this headline:

Loading spinner

Modern fraud detection need not rely on PII Read More »

Urgently needed: AI governance in cyber warfare

Artificial Intelligence, cybersecurity, Cyberwarfare, Don't miss, Expert analysis, Expert corner, Hot stuff, Information Security Forum, News, opinion, risk /

Urgently needed: AI governance in cyber warfare 2024-06-13 at 12:31 By Help Net Security Artificial intelligence is quickly becoming central to societal growth. AI has great power to improve daily life, from education to healthcare, from sustainability to defense. AI also brings to the forefront a number of risks that cut across the core values

React to this headline:

Loading spinner

Urgently needed: AI governance in cyber warfare Read More »

Open-source security in AI

Artificial Intelligence, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, open source, Open Source Technology Improvement Fund, opinion /

Open-source security in AI 2024-06-12 at 07:31 By Help Net Security New AI products are coming onto the market faster than we have seen in any previous technology revolution. Companies’ free access and right to use open source in AI software models has allowed them to prototype an AI product to market cheaper than ever

React to this headline:

Loading spinner

Open-source security in AI Read More »

Cloud migration expands the CISO role yet again

CISO, Cloud, Compliance, cybersecurity, Don't miss, Expert analysis, Expert corner, framework, Hot stuff, News, opinion, RegScale, Risk Management /

Cloud migration expands the CISO role yet again 2024-06-11 at 07:31 By Help Net Security The CISO role used to be focused primarily on information security — creating and implementing policies to safeguard an organization’s data and IT infrastructure from cybersecurity threats. However, as organizations rapidly migrate to cloud environments, the responsibilities and challenges for

React to this headline:

Loading spinner

Cloud migration expands the CISO role yet again Read More »

AI’s role in accelerating vulnerability management

Artificial Intelligence, automation, cybersecurity, data analysis, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, Risk Management, Seemplicity, threats, vulnerability management /

AI’s role in accelerating vulnerability management 2024-06-10 at 08:01 By Help Net Security With its capability to analyze, predict, and automate, AI stands to reshape many corners of business, most notably cybersecurity. In the field of vulnerability management specifically, AI is poised to have a profound impact, enhancing two key areas: Providing quicker analysis and

React to this headline:

Loading spinner

AI’s role in accelerating vulnerability management Read More »

No summer break for cybercrime: Why educational institutions need better cyber resilience

cyber resilience, cybercrime, cybersecurity, Don't miss, education, Endpoint Security, Expert analysis, Expert corner, Hot stuff, News, opinion, Tanium /

No summer break for cybercrime: Why educational institutions need better cyber resilience 2024-06-05 at 07:31 By Help Net Security The education system isn’t equipped to handle today’s cyberthreats. I’m not just talking about cybersecurity education in schools shaping the technical workforce of the future – America’s schools themselves are prime targets for cybercrime today. In

React to this headline:

Loading spinner

No summer break for cybercrime: Why educational institutions need better cyber resilience Read More »

Avoiding the cybersecurity blame game

cybersecurity, Data Protection, Don't miss, Expert analysis, Expert corner, Hot stuff, human error, News, opinion, policy, Praxis Security Labs, Risk Management /

Avoiding the cybersecurity blame game 2024-05-29 at 07:31 By Help Net Security Cyber risk management has many components. Those who do it well will conduct comprehensive risk assessments, enact well-documented and well-communicated processes and controls, and fully implemented monitoring and review requirements. Processes and controls typically comprise policies, which will include detailed explanations of the

React to this headline:

Loading spinner

Avoiding the cybersecurity blame game Read More »

The evolution of security metrics for NIST CSF 2.0

CISO, cybersecurity, Don't miss, Expert analysis, Expert corner, framework, Gutsy, Hot stuff, News, opinion, security metrics, threats /

The evolution of security metrics for NIST CSF 2.0 2024-05-28 at 08:03 By Help Net Security CISOs have long been spreadsheet aficionados, soaking up metrics and using them as KPIs for security progress. These metrics have traditionally measured specific systems or single indicators — vulnerabilities detected, percentage of vulnerabilities patched, software and hardware asset inventory

React to this headline:

Loading spinner

The evolution of security metrics for NIST CSF 2.0 Read More »

Scroll to Top