Behind the scenes of Serious Cryptography 2024-08-27 at 07:45 By Mirko Zorz In this Help Net Security interview, Jean-Philippe Aumasson, discusses the writing and research process for Serious Cryptography, his latest book. With a career steeped in research and practical cryptography, Aumasson offers a rare glimpse into the efforts required to distill complex concepts into […]
Behind the scenes of Serious Cryptography Read More »
AI for application security: Balancing automation with human oversight 2024-08-20 at 07:01 By Mirko Zorz In this Help Net Security interview, Kyle Wickert, Worldwide Strategic Architect at AlgoSec, discusses the role of AI in application security, exploring how it’s transforming threat detection and response. Wickert talks about integrating security testing throughout the development lifecycle, the
AI for application security: Balancing automation with human oversight Read More »
How passkeys eliminate password management headaches 2024-08-15 at 07:01 By Mirko Zorz In this Help Net Security interview, David Cottingham, President at rf IDEAS, discusses the key benefits organizations can expect when implementing passkeys. Cottingham addresses the misconceptions surrounding the adoption of passkeys, particularly in the B2B landscape. What are the key benefits that organizations
How passkeys eliminate password management headaches Read More »
Key metrics for monitoring and improving ZTNA implementations 2024-08-13 at 07:01 By Mirko Zorz In this Help Net Security interview, Dean Hamilton, CTO at Wilson Perumal & Company, discusses the complexities of zero trust network access (ZTNA) implementation, focusing on balancing security with operational efficiency. Hamilton highlights strategic planning, collaboration between IT and business leaders,
Key metrics for monitoring and improving ZTNA implementations Read More »
AI security 2024: Key insights for staying ahead of threats 2024-08-08 at 07:01 By Mirko Zorz In this Help Net Security interview, Kojin Oshiba, co-founder of Robust Intelligence, discusses his journey from academic research to addressing AI security challenges in the industry. Oshiba highlights vulnerabilities in technology systems and the proactive measures needed to mitigate
AI security 2024: Key insights for staying ahead of threats Read More »
Breaking down FCC’s proposal to strengthen BGP security 2024-08-07 at 06:31 By Mirko Zorz In this Help Net Security interview, Doug Madory, Director of Internet Analysis at Kentik, discusses the FCC’s proposal requiring major U.S. ISPs to implement RPKI Route Origin Validation (ROV), and addresses concerns about the impact on smaller ISPs and the global
Breaking down FCC’s proposal to strengthen BGP security Read More »
Researchers unearth MotW bypass technique used by threat actors for years 2024-08-06 at 14:31 By Zeljka Zorz Threat actors have been abusing a bug in how Windows handles LNK files with non-standard target paths and internal structures to prevent in-built protections from stopping malicious payloads and trick users into running them. “We identified multiple samples
Researchers unearth MotW bypass technique used by threat actors for years Read More »
Scaling data security solutions: What you need to know 2024-08-06 at 07:01 By Mirko Zorz In this Help Net Security interview, Bruno Kurtic, President and CEO at Bedrock Security, discusses the role of data visibility in enhancing cybersecurity. He explains that effective data visibility involves discovering, classifying, and contextualizing data, which helps organizations understand and
Scaling data security solutions: What you need to know Read More »
How to start your cybersecurity career: Expert tips and guidance 2024-08-05 at 07:31 By Mirko Zorz As businesses strive to protect their data and privacy, the demand for skilled cybersecurity professionals continues to grow. This article provides expert advice to help you navigate the early stages of your cybersecurity career, offering practical tips and insights.
How to start your cybersecurity career: Expert tips and guidance Read More »
Why CISOs face greater personal liability 2024-08-01 at 07:01 By Mirko Zorz In this Help Net Security interview, Christos Tulumba, CISO at Veritas Technologies, discusses the key factors contributing to increased personal liability risks for CISOs. These risks are driven by heightened cybersecurity threats, evolving regulations, and increased public awareness of security breaches. Tulumba also
Why CISOs face greater personal liability Read More »
Leveraging dynamic configuration for seamless and compliant software changes 2024-07-31 at 06:01 By Mirko Zorz In this Help Net Security interview, Konrad Niemiec, CEO and Founder of Lekko, discusses the benefits of dynamic configuration in preventing system outages and enabling faster response times during incidents. Niemiec explains how dynamic configuration evolves feature flagging, supports operational
Leveraging dynamic configuration for seamless and compliant software changes Read More »
Securing remote access to mission-critical OT assets 2024-07-30 at 07:01 By Mirko Zorz In this Help Net Security interview, Grant Geyer, Chief Strategy Officer at Claroty, discusses the prevalent vulnerabilities in Windows-based engineering workstations (EWS) and human-machine interfaces (HMI) within OT environments. Geyer also addresses the challenges and solutions for securing remote access to critical
Securing remote access to mission-critical OT assets Read More »
Why a strong patch management strategy is essential for reducing business risk 2024-07-29 at 07:01 By Mirko Zorz In this Help Net Security interview, Eran Livne, Senior Director of Product Management, Endpoint Remediation at Qualys and Thomas Scheffler, Security Operations Manager of Cintas Corporation, discuss their experiences with automated patch management. Scheffler details how Cintas
Why a strong patch management strategy is essential for reducing business risk Read More »
Cloud security threats CISOs need to know about 2024-07-25 at 07:01 By Mirko Zorz In this Help Net Security interview, Ava Chawla, Head of Cloud Security at AlgoSec, discusses the most significant cloud security threats CISOs must be aware of in 2024. These threats include data breaches, misconfiguration, insider threats, advanced persistent threats, ransomware, API
Cloud security threats CISOs need to know about Read More »
Cybersecurity ROI: Top metrics and KPIs 2024-07-24 at 07:31 By Mirko Zorz In this Help Net Security interview, Karthik Swarnam, Chief Security and Trust Officer at ArmorCode, discusses key metrics and KPIs to measure cybersecurity ROI. Swarnam shares strategies for enhancing ROI through proactive measures and effective communication with executive leadership. What are the primary
Cybersecurity ROI: Top metrics and KPIs Read More »
Confidential AI: Enabling secure processing of sensitive data 2024-07-23 at 06:01 By Mirko Zorz In this Help Net Security interview, Anand Pashupathy, VP & GM, Security Software & Services Division at Intel, explains how Intel’s approach to confidential computing, particularly at the silicon level, enhances data protection for AI applications and how collaborations with technology
Confidential AI: Enabling secure processing of sensitive data Read More »
Cross-industry standards for data provenance in AI 2024-07-22 at 07:31 By Mirko Zorz In this Help Net Security interview, Saira Jesani, Executive Director of the Data & Trust Alliance, discusses the role of data provenance in AI trustworthiness and its impact on AI models’ performance and reliability. Jesani highlights the collaborative process behind developing cross-industry
Cross-industry standards for data provenance in AI Read More »
Laying the groundwork for zero trust in the military 2024-07-18 at 07:01 By Mirko Zorz In this Help Net Security interview, Curtis Arnold, VP and Chief Scientist at Core4ce, discusses the starting points for military training in zero trust principles, emphasizing foundational technologies and a unified taxonomy. Arnold provides insights into the DoD’s Zero Trust
Laying the groundwork for zero trust in the military Read More »
Overlooked essentials: API security best practices 2024-07-17 at 07:31 By Mirko Zorz In this Help Net Security, Ankita Gupta, CEO at Akto, discusses API security best practices, advocating for authentication protocols like OAuth 2.0 and OpenID Connect, strict HTTPS encryption, and the use of JWTs for stateless authentication. Gupta recommends role-based access control (RBAC) and
Overlooked essentials: API security best practices Read More »
Managing exam pressure: Tips for certification preparation 2024-07-16 at 07:32 By Mirko Zorz In this Help Net Security interview, Seth Hodgson, SVP of Engineering at Udemy, discusses effective study techniques for cybersecurity certification exams. Hodgson discusses the role of study groups, online forums, and professional networks in certification preparation and shares strategies for maintaining motivation
Managing exam pressure: Tips for certification preparation Read More »