Hot stuff

How healthcare CISOs can balance security and accessibility without compromising care

CISO, cyber risk, cybersecurity, Don't miss, Features, healthcare, HealthEquity, Hot stuff, News, opinion, Risk Management, security controls, strategy /

How healthcare CISOs can balance security and accessibility without compromising care 2025-03-20 at 08:35 By Mirko Zorz In this Help Net Security interview, Sunil Seshadri, EVP and CSO at HealthEquity, talks about the growing risks to healthcare data and what organizations can do to stay ahead. He shares insights on vendor management, zero trust, and […]

React to this headline:

Loading spinner

How healthcare CISOs can balance security and accessibility without compromising care Read More »

APTs have been using zero-day Windows shortcut exploit for eight years (ZDI-CAN-25373)

APT, cyber espionage, cybercrime, Don't miss, exploit, Hot stuff, News, Windows /

APTs have been using zero-day Windows shortcut exploit for eight years (ZDI-CAN-25373) 2025-03-19 at 16:00 By Zeljka Zorz State-sponsored threat actors and cybercrime groups from North Korea, Iran, Russia, and China have been exploiting a zero-day Windows vulnerability with no fix in sight for the last eight years, researchers with Trend Micro’s Zero Day Initiative

React to this headline:

Loading spinner

APTs have been using zero-day Windows shortcut exploit for eight years (ZDI-CAN-25373) Read More »

Moving beyond checkbox security for true resilience

CISO, Compliance, cybersecurity, Don't miss, Features, Hot stuff, MITRE, News, opinion, strategy, threats /

Moving beyond checkbox security for true resilience 2025-03-19 at 08:13 By Mirko Zorz In this Help Net Security interview, William Booth, director, ATT&CK Evaluations at MITRE, discusses how CISOs can integrate regulatory compliance with proactive risk management, prioritize spending based on threat-informed assessments, and address overlooked vulnerabilities like shadow IT and software supply chain risks.

React to this headline:

Loading spinner

Moving beyond checkbox security for true resilience Read More »

The rise of DAST 2.0 in 2025

Application Security, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, security testing, StackHawk /

The rise of DAST 2.0 in 2025 2025-03-18 at 18:02 By Help Net Security Static Application Security Testing (SAST) found favor among security teams as an easy way to deploy security testing without really engaging developers. With the ability to analyze source code early in the software delivery lifecycle, SAST solutions offered a more proactive

React to this headline:

Loading spinner

The rise of DAST 2.0 in 2025 Read More »

FBI: Free file converter sites and tools deliver malware

adware, Don't miss, FBI, Hot stuff, Malware, Malwarebytes, News, trojan /

FBI: Free file converter sites and tools deliver malware 2025-03-18 at 13:35 By Zeljka Zorz Malware peddlers are increasingly targeting users who are searching for free file converter services (websites) and tools, the FBI’s Denver Field Office has warned earlier this month. “To conduct this scheme, cyber criminals across the globe are using any type

React to this headline:

Loading spinner

FBI: Free file converter sites and tools deliver malware Read More »

How financial institutions can minimize their attack surface

CISO, cybersecurity, Discover, Don't miss, Features, financial industry, Hot stuff, News, online banking, opinion, regulation, Risk Management, threats /

How financial institutions can minimize their attack surface 2025-03-18 at 08:01 By Mirko Zorz In this Help Net Security interview, Sunil Mallik, CISO of Discover Financial Services, discusses cybersecurity threats for financial institutions. He also shares insights on balancing compliance with agility, lessons from regulatory audits, and Discover’s approach to risk management and workforce development.

React to this headline:

Loading spinner

How financial institutions can minimize their attack surface Read More »

Review: Cybersecurity Tabletop Exercises

books, cybersecurity, Don't miss, Hot stuff, Incident Response, News, Review, Reviews, skill development, strategy, tips /

Review: Cybersecurity Tabletop Exercises 2025-03-17 at 07:31 By Mirko Zorz Packed with real-world case studies and practical examples, Cybersecurity Tabletop Exercises offers insights into how organizations have successfully leveraged tabletop exercises to identify security gaps and enhance their incident response strategies. The authors explore a range of realistic scenarios, including phishing campaigns, ransomware attacks, and

React to this headline:

Loading spinner

Review: Cybersecurity Tabletop Exercises Read More »

Quantifying cyber risk strategies to resonate with CFOs and boards

CISO, cyber risk, cybersecurity, Data Protection, Don't miss, Features, Hot stuff, News, opinion, PwC, resilience, strategy /

Quantifying cyber risk strategies to resonate with CFOs and boards 2025-03-14 at 17:02 By Mirko Zorz In this Help Net Security interview, Mir Kashifuddin, Data Risk & Privacy Leader at PwC, discusses how CISOs can translate cyber risk into business value and secure a more strategic role within their organizations. He explains that aligning cybersecurity

React to this headline:

Loading spinner

Quantifying cyber risk strategies to resonate with CFOs and boards Read More »

Top 5 threats keeping CISOs up at night in 2025

Artificial Intelligence, CISO, cybersecurity, Don't miss, Hot stuff, News, Ransomware, regulation, strategy, supply chain attacks, threats, tips /

Top 5 threats keeping CISOs up at night in 2025 2025-03-14 at 08:05 By Help Net Security Cyber threats in 2025 require a proactive, adaptive approach. To stay ahead, CISOs must balance technical defenses, regulatory expectations, and human factors. By prioritizing AI-driven security, ransomware resilience, supply chain risk management, insider threat mitigation, and compliance preparedness,

React to this headline:

Loading spinner

Top 5 threats keeping CISOs up at night in 2025 Read More »

CISOs, are your medical devices secure? Attackers are watching closely

CISO, Claroty, cyber risk, cybersecurity, Don't miss, hardware, healthcare, Hot stuff, legacy technology, News, Risk Management, strategy, tips, Vigilant Ops /

CISOs, are your medical devices secure? Attackers are watching closely 2025-03-13 at 08:02 By Mirko Zorz The adoption of connected medical devices, collectively called the Internet of Medical Things (IoMT), has transformed patient care. However, this technological advancement has also introduced cybersecurity challenges to safeguard patient safety and uphold organizational security. Securing IoMT: Prioritizing risks

React to this headline:

Loading spinner

CISOs, are your medical devices secure? Attackers are watching closely Read More »

Burnout in cybersecurity: How CISOs can protect their teams (and themselves)

BH Consulting, Brian Honan, burnout, CISO, cybersecurity, Don't miss, Hot stuff, how-to, News, security operations, strategy, tips /

Burnout in cybersecurity: How CISOs can protect their teams (and themselves) 2025-03-12 at 07:37 By Mirko Zorz Cybersecurity is a high-stakes, high-pressure field in which CISOs and their teams constantly battle threats, compliance requirements, and business expectations. The demand for 24/7 vigilance, sophisticated attacks, and a shortage of skilled professionals have led to a burnout

React to this headline:

Loading spinner

Burnout in cybersecurity: How CISOs can protect their teams (and themselves) Read More »

Smart cybersecurity spending and how CISOs can invest where it matters

CISO, cybersecurity, Don't miss, HackerOne, Hot stuff, how-to, News, Optiv Security, security ROI, security spending, strategy, tips /

Smart cybersecurity spending and how CISOs can invest where it matters 2025-03-11 at 08:30 By Mirko Zorz CISOs face mounting pressure to spend wisely on security. Yet, many organizations remain vulnerable due to misplaced priorities and inefficient budgeting. This article explores common pitfalls and offers strategies to strengthen cybersecurity. Recent data highlights a paradox: while

React to this headline:

Loading spinner

Smart cybersecurity spending and how CISOs can invest where it matters Read More »

How remote work strengthens cybersecurity teams

Black Kite, CISO, cybersecurity, Don't miss, Hot stuff, hybrid workforce, News, remote work, strategy, tips /

How remote work strengthens cybersecurity teams 2025-03-11 at 07:32 By Anamarija Pogorelec The global transition to remote work has reshaped traditional workplace dynamics, introducing challenges and opportunities for cybersecurity teams. For CISOs and security professionals, embracing a remote workforce can be a strategic advantage, enhancing team capabilities and driving the modernization of security practices. Specialized

React to this headline:

Loading spinner

How remote work strengthens cybersecurity teams Read More »

Review: The Cybersecurity Trinity

Artificial Intelligence, books, cybersecurity, Don't miss, Hot stuff, News, Review, Reviews, strategy, tips /

Review: The Cybersecurity Trinity 2025-03-10 at 18:02 By Mirko Zorz The Cybersecurity Trinity provides a comprehensive approach to modern cybersecurity by integrating AI, automation, and active cyber defense (ACD) into a unified strategy. Instead of addressing these elements in isolation, the author demonstrates how they work together to enhance security effectiveness, offering a practical and

React to this headline:

Loading spinner

Review: The Cybersecurity Trinity Read More »

March 2025 Patch Tuesday forecast: A return to normalcy

Adobe, apple, Don't miss, Expert analysis, Google, Hot stuff, Ivanti, Microsoft, Mozilla, News, opinion, Patch Tuesday, predictions /

March 2025 Patch Tuesday forecast: A return to normalcy 2025-03-10 at 08:33 By Help Net Security The February Patch Tuesday updates and activity during the month marked a return to normalcy for patch management. Following the January updates addressing 100+ vulnerabilities, we saw 37 CVEs fixed in Windows 11 and 33 CVEs in Windows 10.

React to this headline:

Loading spinner

March 2025 Patch Tuesday forecast: A return to normalcy Read More »

Can AI-powered gamified simulations help cybersecurity teams keep up?

Don't miss, Hot stuff, how-to, Immersive Labs, News, skill development, strategy, tips /

Can AI-powered gamified simulations help cybersecurity teams keep up? 2025-03-07 at 08:04 By Mirko Zorz Traditional training often lacks the hands-on experience cybersecurity teams need to counter advanced threats. AI-powered gamified simulations combine artificial intelligence with interactive learning to enhance their skills. Conventional cybersecurity training programs frequently rely on static content, which can become outdated.

React to this headline:

Loading spinner

Can AI-powered gamified simulations help cybersecurity teams keep up? Read More »

AI threats and workforce shortages put pressure on security leaders

Artificial Intelligence, cybersecurity, Don't miss, Fortra, Hot stuff, professional, threats, Video /

AI threats and workforce shortages put pressure on security leaders 2025-03-07 at 07:30 By Help Net Security In this Help Net Security video, John Grancarich, Fortra’s Chief Strategy Officer, discusses the 2025 Fortra State of Cybersecurity Survey and highlights escalating concerns among security professionals about AI-driven threats and a shortage of cybersecurity skills. The survey

React to this headline:

Loading spinner

AI threats and workforce shortages put pressure on security leaders Read More »

The CISO’s bookshelf: 10 must-reads for security leaders

books, CISO, Don't miss, Hot stuff, News, skill development, strategy, tips /

The CISO’s bookshelf: 10 must-reads for security leaders 2025-03-06 at 07:56 By Help Net Security Discover essential reads for CISOs in this curated list of books covering cybersecurity leadership, risk management, zero trust, board communication, and more. Why CISOs Fail, 2nd Edition Author: Barak Engel Barak Engel expands on the ideas from his original 2017

React to this headline:

Loading spinner

The CISO’s bookshelf: 10 must-reads for security leaders Read More »

The 5 stages of incident response grief

cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Incident Response, LogicGate, News, opinion /

The 5 stages of incident response grief 2025-03-05 at 18:03 By Help Net Security Whether we recognize it or not, anytime an incident occurs, it sets off the grieving process. But grief isn’t a bad thing: it’s how we process our emotional reactions and move on. That’s precisely what security teams need to do in

React to this headline:

Loading spinner

The 5 stages of incident response grief Read More »

Scroll to Top