Expert analysis

3 ways to achieve crypto agility in a post-quantum world

3 ways to achieve crypto agility in a post-quantum world 2024-02-06 at 07:31 By Help Net Security Working at the speed of digital business is a constant challenge. But in today’s increasingly automated operational environment, crypto agility—i.e., an organization’s ability to (at the moment of compromise) switch rapidly and seamlessly between certificate authorities, encryption standards […]

React to this headline:

Loading spinner

3 ways to achieve crypto agility in a post-quantum world Read More »

Migrating to the cloud: An overview of process and strategy

Migrating to the cloud: An overview of process and strategy 2024-02-05 at 06:01 By Help Net Security Over the next few years, the number of organizations navigating to the cloud to advance their business goals is expected to grow exponentially. According to Gartner, more than 70% of enterprises will use cloud platforms to accelerate their

React to this headline:

Loading spinner

Migrating to the cloud: An overview of process and strategy Read More »

Does CVSS 4.0 solve the exploitability problem?

Does CVSS 4.0 solve the exploitability problem? 2024-01-31 at 08:03 By Help Net Security The newest version of the vulnerability scoring system CVSS 4.0 is here! After a lengthy gap between version 3 (released in 2015), as of November 2023 version 4.0 is officially live. Building iteratively on version 3 there are a few differences

React to this headline:

Loading spinner

Does CVSS 4.0 solve the exploitability problem? Read More »

Great security or great UX? Both, please

Great security or great UX? Both, please 2024-01-30 at 08:02 By Help Net Security A new user is signing up for a SaaS application. On the one hand, UX teams want that user to get into the app as quickly as possible. On the other hand, security teams want the user to strongly validate their

React to this headline:

Loading spinner

Great security or great UX? Both, please Read More »

The effect of omission bias on vulnerability management

The effect of omission bias on vulnerability management 2024-01-24 at 08:31 By Help Net Security Whether we’d like to admit it to ourselves or not, all humans harbor subconscious biases that powerfully influence our behavior. One of these is the omission bias, which has interesting ramifications in the world of cyber security, specifically vulnerability management.

React to this headline:

Loading spinner

The effect of omission bias on vulnerability management Read More »

Why cyberattacks mustn’t be kept secret

Why cyberattacks mustn’t be kept secret 2024-01-23 at 08:01 By Help Net Security No company is immune to cyberattacks, but when the inevitable happens, too many companies still try to maintain a wall of silence. In fact, over half of security professionals admit their organizations maintain a culture of security through obscurity, with over one-third

React to this headline:

Loading spinner

Why cyberattacks mustn’t be kept secret Read More »

Without clear guidance, SEC’s new rule on incident reporting may be detrimental

Without clear guidance, SEC’s new rule on incident reporting may be detrimental 2024-01-22 at 08:01 By Help Net Security The SEC has instituted a set of guidelines “requiring registrants to disclose material cybersecurity incidents they experience and to disclose on an annual basis material information regarding their cybersecurity risk management, strategy, and governance.” These new

React to this headline:

Loading spinner

Without clear guidance, SEC’s new rule on incident reporting may be detrimental Read More »

Out with the old and in with the improved: MFA needs a revamp

Out with the old and in with the improved: MFA needs a revamp 2024-01-19 at 08:02 By Help Net Security From AI to ZTA (zero-trust architecture), the technology responsible for protecting your company’s data has evolved immensely. Despite the advances, cybercriminals repeatedly find new and creative ways to gain access to sensitive information. This can

React to this headline:

Loading spinner

Out with the old and in with the improved: MFA needs a revamp Read More »

Attribute-based encryption could spell the end of data compromise

Attribute-based encryption could spell the end of data compromise 2024-01-18 at 08:02 By Help Net Security The future of data privacy is the end of compromise. With the world producing data at astounding rates, we need ways to put data to the best use while protecting against breaches and ensuring privacy, data protection and access

React to this headline:

Loading spinner

Attribute-based encryption could spell the end of data compromise Read More »

Security considerations during layoffs: Advice from an MSSP

Security considerations during layoffs: Advice from an MSSP 2024-01-17 at 08:01 By Help Net Security Navigating layoffs is complex and difficult for many reasons. Not only do human resources and direct managers bear the onus of responsibility when conducting exit conversations, but security teams should also make the necessary preparations for monitoring anomalies in employee

React to this headline:

Loading spinner

Security considerations during layoffs: Advice from an MSSP Read More »

3 ways to combat rising OAuth SaaS attacks

3 ways to combat rising OAuth SaaS attacks 2024-01-16 at 07:31 By Help Net Security OAuth attacks are on the rise. In December, the Microsoft Threat Intelligence team observed threat actors misusing OAuth apps to take over a cloud server and mine cryptocurrency, establish persistence following business email compromise and launch spam activity using the

React to this headline:

Loading spinner

3 ways to combat rising OAuth SaaS attacks Read More »

Flipping the BEC funnel: Phishing in the age of GenAI

Flipping the BEC funnel: Phishing in the age of GenAI 2024-01-15 at 08:02 By Help Net Security For years, phishing was just a numbers game: A malicious actor would slap together an extremely generic (and usually poorly-written) email and fire it out to thousands of recipients in the hope that a few might take the

React to this headline:

Loading spinner

Flipping the BEC funnel: Phishing in the age of GenAI Read More »

Cloud security predictions for 2024

Cloud security predictions for 2024 2024-01-12 at 07:31 By Help Net Security As we reflect on the cybersecurity landscape and the trajectories of threat vectors, it’s evident that we’re on the cusp of a paradigm shift in cloud security. Businesses and cybersecurity professionals must stay abreast of these changes, adapting their strategies to ensure a

React to this headline:

Loading spinner

Cloud security predictions for 2024 Read More »

Purple teaming and the role of threat categorization

Purple teaming and the role of threat categorization 2024-01-11 at 07:31 By Help Net Security Organizations constantly work to ensure optimal threat detection and prevention across their systems. One question gets asked repeatedly: “Can we detect the threats we’re supposed to be able to detect?” Red team assessment, penetration testing, and even purple team assessments

React to this headline:

Loading spinner

Purple teaming and the role of threat categorization Read More »

Top LLM vulnerabilities and how to mitigate the associated risk

Top LLM vulnerabilities and how to mitigate the associated risk 2024-01-10 at 07:31 By Help Net Security As large language models (LLMs) become more prevalent, a comprehensive understanding of the LLM threat landscape remains elusive. But this uncertainty doesn’t mean progress should grind to a halt: Exploring AI is essential to staying competitive, meaning CISOs

React to this headline:

Loading spinner

Top LLM vulnerabilities and how to mitigate the associated risk Read More »

If you prepare, a data security incident will not cause an existential crisis

If you prepare, a data security incident will not cause an existential crisis 2024-01-09 at 08:02 By Help Net Security Why is it that when a company becomes aware of a potential data security incident, the team working on it (and others who are made aware that “something” is going on) have an immediate and

React to this headline:

Loading spinner

If you prepare, a data security incident will not cause an existential crisis Read More »

January 2024 Patch Tuesday forecast: A Focus on Printing

January 2024 Patch Tuesday forecast: A Focus on Printing 2024-01-05 at 08:16 By Help Net Security Happy 2024 Everyone! I hope everyone is looking forward to another exciting year in the ever-changing world of IT operations and software security. This article aims to provide a quick summary of some of the latest trends, announcements, and

React to this headline:

Loading spinner

January 2024 Patch Tuesday forecast: A Focus on Printing Read More »

Why you need to extend enterprise IT security to the mainframe

Why you need to extend enterprise IT security to the mainframe 2023-12-29 at 07:32 By Help Net Security Organizations with mainframes face a unique challenge: extending consistency across the entire enterprise, including mainframe environments. The ongoing issue lies in the incompatibility of tools designed for both mainframes and enterprise settings, resulting in disparate solutions, training

React to this headline:

Loading spinner

Why you need to extend enterprise IT security to the mainframe Read More »

API security in 2024: Predictions and trends

API security in 2024: Predictions and trends 2023-12-29 at 07:02 By Help Net Security As technology continues to advance at an unprecedented pace, so does the complexity of API (application programming interface) security. With the proliferation of APIs in modern applications and services, organizations will need to develop a better understanding of their API environments

React to this headline:

Loading spinner

API security in 2024: Predictions and trends Read More »

How to turn shadow IT into a culture of grassroots innovation

How to turn shadow IT into a culture of grassroots innovation 2023-12-28 at 07:32 By Help Net Security The proliferation of generative AI tools has been compared to the dawn of the internet, the spread of smartphones and laptops, and the mass transition to cloud computing. All these advancements make it easier for individuals to

React to this headline:

Loading spinner

How to turn shadow IT into a culture of grassroots innovation Read More »

Scroll to Top