opinion

Why AI changed the threat model for travel technology

2026-05-21 at 09:16 By Mirko Zorz

In this Help Net Security interview, Devon Bryan, SVP, Global CSO at Booking Holdings, reflects on his path from Air Force network security engineer to global CSO across financial services, hospitality, and travel technology. He discusses why the travel industry’s […]


Communicating cyber risk in dollars boards understand

2026-05-20 at 09:34 By Mirko Zorz

In this Help Net Security interview, Nick Nieuwenhuis, Cybersecurity Architect at Nedscaper, explains why cybersecurity has not delivered the resilience that decades of investment have promised. He argues that spending has leaned too heavily on technical controls while neglecting people, processes, and


Spotting third-party cyber risk before attackers do

2026-05-04 at 09:46 By Help Net Security

In this Help Net Security video, Jeffrey Wheatman, SVP and Cyber Strategist at Black Kite, discusses how organizations can identify and manage third-party cyber exposures before attackers exploit them. He argues that businesses should move beyond a data-loss mindset toward one


Your IAM was built for humans, AI agents don’t care

2026-04-27 at 11:18 By Help Net Security

Identity and access management was built for a simpler world. One where the hardest problem was a human logging in, and where “Who are you?” was sufficient to decide what someone could do. That model served enterprises well


AI is speeding up nation-state cyber programs

2026-04-24 at 08:40 By Mirko Zorz

In this Help Net Security interview, Kaja Ciglic, Senior Director, Cybersecurity Policy and Diplomacy at Microsoft, discusses how nation-state cyber programs have changed over three years. Cyber has become a core instrument of state power, integrated with military, economic, and diplomatic tools.


A year in, Zoom’s CISO reflects on balancing security and business

2026-04-23 at 09:47 By Mirko Zorz

In this Help Net Security interview, Sandra McLeod, CISO at Zoom, reflects on her first year in the role. She talks about moving from reactive firefighting to business strategy, and what she heard from engineers, the board, and


EU cybersecurity standards are at risk if supplier ban passes

2026-04-16 at 10:16 By Mirko Zorz

Today, the European standards body ETSI sent a formal position paper to the European Commission, calling for changes to the proposed Cybersecurity Act 2 (CSA2), the EU’s planned revision to its existing cybersecurity certification framework. The paper focuses on


What the EU AI Act requires for AI agent logging

2026-04-16 at 09:02 By Help Net Security

The EU AI Act is 144 pages long. The logging requirements that matter for AI agent developers sit across four articles that keep referencing each other. Here’s what they say, when the deadlines hit, and where the gaps


Coordinated vulnerability disclosure is now an EU obligation, but cultural change takes time

2026-04-15 at 10:02 By Mirko Zorz

In this Help Net Security interview, Nuno Rodrigues Carvalho, Head of Sector for Incident and Vulnerability Services at ENISA, discusses the recent CVE funding scare and what it exposed about the fragility of global vulnerability disclosure


The exploit gap is closing, and your patch cycle wasn’t built for this

2026-04-15 at 10:02 By Mirko Zorz

The Cloud Security Alliance has published a briefing on what it calls a turning point in the threat landscape: the time between a vulnerability being discovered and a working exploit is shrinking fast. The briefing centers


Review: The Psychology of Information Security

2026-04-14 at 09:15 By Mirko Zorz

Security controls fail when they are designed without regard for the people who must use them. That is the central argument of Leron Zinatullin’s second edition, and it is an argument he builds methodically across 17 chapters that draw from organizational psychology, change


Agentic AI memory attacks spread across sessions and users, and most organizations aren’t ready

2026-04-14 at 09:15 By Mirko Zorz

In this Help Net Security interview, Idan Habler, AI Security Researcher at Cisco, breaks down a threat most security teams haven’t named yet: agentic memory as an attack surface. Habler walks through MemoryTrap, a disclosed


29 million leaked secrets in 2025: Why AI agents credentials are out of control

2026-04-14 at 08:11 By Help Net Security

AI agents need credentials to work. They authenticate with LLM platforms, connect to databases, call SaaS APIs, access cloud resources, and orchestrate across dozens of external services. Every integration point requires an identity. Most


Fixing vulnerability data quality requires fixing the architecture first

2026-04-13 at 09:02 By Mirko Zorz

In this Help Net Security interview, Art Manion, Deputy Director at Tharros, examines why vulnerability data across repositories stays inconsistent and hard to trust. The problem starts with systems not designed to collect or manage that data well. They introduce


What vibe hunting gets right about AI threat hunting, and where it breaks down

2026-04-10 at 08:57 By Mirko Zorz

In this Help Net Security interview, Aqsa Taylor, Chief Security Evangelist, Exaforce, explains vibe hunting, an AI-driven approach to threat detection that inverts traditional hypothesis-driven methods. Instead of analysts defining attack vectors upfront, the AI


AI agent intent is a starting point, not a security strategy

2026-04-09 at 08:53 By Mirko Zorz

In this Help Net Security video, Itamar Apelblat, CEO of Token Security, walks through findings from the company’s research, which shows that 65% of agentic chatbots have never been used yet still hold live access credentials. He explains


What managing partners should ask AI vendors before signing any contract

2026-04-08 at 09:28 By Mirko Zorz

In this Help Net Security interview, Kumar Ravi, Chief Security & Resilience Officer at TMF Group, argues that over-privileged access and weak workflow controls pose more danger than ransomware attacks, precisely because they accumulate quietly and


The case for fixing CWE weakness patterns instead of patching one bug at a time

2026-04-07 at 09:24 By Mirko Zorz

In this Help Net Security interview, Alec Summers, MITRE CVE/CWE Project Lead, discusses how CWE is moving from a background reference into active use in vulnerability disclosure. More CVE records now include CWE mappings


The future of institutional crypto runs through prime brokerages

2026-04-06 at 16:32 By Cointelegraph by Dominic Lohberger

Institutional crypto flows through prime brokerages that enforce TradFi custody standards. Ripple’s $1.25B Hidden Road acquisition signals a permanent infrastructure shift. This article is an excerpt from Cointelegraph.com News.

