Why your security team feels stuck 2025-07-09 at 08:44 By Mirko Zorz Cybersecurity friction usually gets framed as a user problem: password policies that frustrate employees, MFA that slows down logins, or blocked apps that send workers into the arms of shadow IT. But there’s a different kind of friction happening behind the scenes, and […]
React to this headline:
Why your security team feels stuck Read More »
NTLM relay attacks are back from the dead 2025-07-04 at 09:32 By Help Net Security NTLM relay attacks are the easiest way for an attacker to compromise domain-joined hosts. While many security practitioners think NTLM relay is a solved problem, it is not – and, in fact, it may be getting worse. Anecdotally, they are
React to this headline:
NTLM relay attacks are back from the dead Read More »
Africa’s cybersecurity crisis and the push to mobilizing communities to safeguard a digital future 2025-07-04 at 08:38 By Help Net Security While Africa hosts some of the fastest-growing digital economies globally, it also faces persistent challenges in cybersecurity preparedness. Many organizations and individuals remain unaware of the risks they face online. Phishing schemes and social
React to this headline:
Federal Reserve System CISO on aligning cyber risk management with transparency, trust 2025-07-01 at 09:08 By Mirko Zorz In this Help Net Security interview, Tammy Hornsby-Fink, CISO at Federal Reserve System, shares how the Fed approaches cyber risk with a scenario-based, intelligence-driven strategy. She explains how the Fed assesses potential disruptions to financial stability and
React to this headline:
Federal Reserve System CISO on aligning cyber risk management with transparency, trust Read More »
Managing through chaos to secure networks 2025-06-27 at 08:39 By Anamarija Pogorelec Every time there’s a natural or manmade disaster that takes medical equipment offline, cuts connectivity to emergency services and loved ones, or shuts down access to ATMs, network engineers are at the center of the heroic efforts required to restore availability and uptime.
React to this headline:
Managing through chaos to secure networks Read More »
Why the SOC needs its “Moneyball” moment 2025-06-25 at 09:05 By Help Net Security In the classic book and later Brad Pitt movie Moneyball, the Oakland A’s didn’t beat baseball’s giants by spending more – they won by thinking differently, scouting players not through gut instinct and received wisdom, but by utilizing relevant data and
React to this headline:
Why the SOC needs its “Moneyball” moment Read More »
Kernel-level container insights: Utilizing eBPF with Cilium, Tetragon, and SBOMs for security 2025-06-18 at 09:02 By Help Net Security As applications become more distributed, traditional monitoring and security tools are failing to keep pace. This article explores how eBPF, when utilized by the graduated CNCF Cilium and its sub-project Tetragon, combined with Software Bills of
React to this headline:
Hackers love events. Why aren’t more CISOs paying attention? 2025-06-17 at 09:04 By Mirko Zorz When CISOs think about risk, they usually think about cloud platforms, laptops, and data centers. But live events like conferences, trade shows, product launches, and shareholder meetings bring a different kind of cybersecurity exposure. These events gather people, devices, and
React to this headline:
Hackers love events. Why aren’t more CISOs paying attention? Read More »
Why banks’ tech-first approach leaves governance gaps 2025-06-16 at 09:06 By Mirko Zorz In this Help Net Security interview, Rich Friedberg, CISO at Live Oak Bank, discusses how banks can better align cybersecurity efforts with broader cyber governance and risk priorities. Banking institutions often falter when cybersecurity is siloed as purely a technical or compliance
React to this headline:
Why banks’ tech-first approach leaves governance gaps Read More »
Identifying high-risk APIs across thousands of code repositories 2025-06-12 at 16:02 By Mirko Zorz In this Help Net Security interview, Joni Klippert, CEO of StackHawk, discusses why API visibility is a major blind spot for security teams, how legacy tools fall short, and how StackHawk identifies risky APIs and sensitive data directly from code before
React to this headline:
Identifying high-risk APIs across thousands of code repositories Read More »
How to manage your cyber risk in a modern attack surface 2025-06-04 at 09:01 By Help Net Security According to research, 62% of organizations said their attack surface grew over the past year. It’s no coincidence that 76% of organizations also reported a cyberattack due to an exposed asset in 2024, as expanding digital footprints
React to this headline:
How to manage your cyber risk in a modern attack surface Read More »
Bankers Association’s attack on cybersecurity transparency 2025-06-03 at 08:04 By Help Net Security A coalition of banking industry associations, including SIFA, the American Bankers Association (ABA), Bank Policy Institute (BPI), and several other lobbying groups have made a disgraceful appeal to the SEC to eliminate the rule requiring public disclosure of material cybersecurity incidents within
React to this headline:
Bankers Association’s attack on cybersecurity transparency Read More »
CISO 3.0: Leading AI governance and security in the boardroom 2025-06-02 at 08:50 By Mirko Zorz In this Help Net Security interview, Aaron McCray, Field CISO at CDW, discusses how AI is transforming the CISO role from a tactical cybersecurity guardian into a strategic enterprise risk advisor. With AI now embedded across business functions, CISOs
React to this headline:
CISO 3.0: Leading AI governance and security in the boardroom Read More »
What CISOs can learn from the frontlines of fintech cybersecurity 2025-05-29 at 09:03 By Mirko Zorz At Span Cyber Security Arena, I sat down with Ria Shetty, Director, Cyber Security & Resilience for Europe at Mastercard. Our conversation cut through the hype and focused on what CISOs deal with every day: how to embed security
React to this headline:
What CISOs can learn from the frontlines of fintech cybersecurity Read More »
Why data provenance must anchor every CISO’s AI governance strategy 2025-05-28 at 08:30 By Help Net Security Across the enterprise, artificial intelligence has crept into core functions – not through massive digital transformation programs, but through quiet, incremental adoption. Legal departments are summarizing contracts. HR is rewording sensitive employee communications. Compliance teams are experimenting with
React to this headline:
Why data provenance must anchor every CISO’s AI governance strategy Read More »
Why app modernization can leave you less secure 2025-05-27 at 09:09 By Help Net Security Enterprises typically “modernize” access patterns for an application by enabling industry standard protocols like OIDC or SAML to provide single sign-on (SSO) for legacy apps via a cloud identity provider (IDP). That’s a major step towards better user experience, improved
React to this headline:
Why app modernization can leave you less secure Read More »
Is privacy becoming a luxury? A candid look at consumer data use 2025-05-23 at 09:02 By Mirko Zorz In this Help Net Security interview, Dr. Joy Wu, Assistant Professor, UBC Sauder School of Business, discusses the psychological and societal impacts of data monetization, why current privacy disclosures often fall short, and what it will take
React to this headline:
Is privacy becoming a luxury? A candid look at consumer data use Read More »
The hidden gaps in your asset inventory, and how to close them 2025-05-22 at 09:06 By Mirko Zorz In this Help Net Security interview, Tim Grieveson, CSO at ThingsRecon, breaks down the first steps security teams should take to regain visibility, the most common blind spots in asset discovery, and why context should drive risk
React to this headline:
The hidden gaps in your asset inventory, and how to close them Read More »
What good threat intelligence looks like in practice 2025-05-21 at 08:32 By Mirko Zorz In this Help Net Security interview, Anuj Goel, CEO of Cyware, discusses how threat intelligence is no longer a nice to have, it’s a core cyber defense requirement. But turning intelligence into action remains a challenge for many organizations. The path
React to this headline:
What good threat intelligence looks like in practice Read More »
Third-party cyber risks and what you can do 2025-05-21 at 07:31 By Help Net Security When a third-party tech vendor suffers a cyber incident, your business can feel the effects immediately. That’s why it’s crucial to treat vendor risk as part of your cybersecurity posture. In this Help Net Security video, Mike Toole, Director of
React to this headline:
Third-party cyber risks and what you can do Read More »