Risk Management

Review: The Psychology of Information Security

2026-04-14 at 09:15 By Mirko Zorz

Security controls fail when they are designed without regard for the people who must use them. That is the central argument of Leron Zinatullin’s second edition, and it is an argument he builds methodically across 17 chapters that draw from organizational psychology, change […]


In Other News: Cyberattack Stings Stryker, Windows Zero-Day, China Supercomputer Hack

2026-04-10 at 17:46 By SecurityWeek News

Other noteworthy stories that might have slipped under the radar: Jones Day hacked, Internet Bug Bounty program paused due to AI, new Mac stealer malware. The post In Other News: Cyberattack Stings Stryker, Windows Zero-Day, China Supercomputer Hack


The Hidden ROI of Visibility: Better Decisions, Better Behavior, Better Security

2026-04-09 at 14:23 By Joshua Goldfarb

Beyond monitoring and compliance, visibility acts as a powerful deterrent, shaping user behavior, improving collaboration, and enabling more accurate, data-driven security decisions. The post The Hidden ROI of Visibility: Better Decisions, Better Behavior, Better Security appeared first on


What managing partners should ask AI vendors before signing any contract

2026-04-08 at 09:28 By Mirko Zorz

In this Help Net Security interview, Kumar Ravi, Chief Security & Resilience Officer at TMF Group, argues that over-privileged access and weak workflow controls pose more danger than ransomware attacks, precisely because they accumulate quietly and


Trust, friction, and ROI: A CISO’s take on making security work for the business

2026-04-02 at 08:42 By Mirko Zorz

In this Help Net Security interview, John O’Rourke, CISO at PPG, talks about what it means for security to drive business value. He explains how mature security programs reduce friction in sales cycles and M&A


Why risk alone doesn’t get you to yes

2026-03-30 at 09:29 By Help Net Security

I have been in security rooms for years, from military operations centers to corporate boardrooms. In all those years I can tell you that the hardest mission that most security leaders will face is not identifying a threat, but getting


Your facilities run on fragile supply chains and nobody wants to admit it

2026-03-26 at 12:32 By Mirko Zorz

In this Help Net Security interview, Christa Dodoo, Global Chair at IFMA, discusses how facility managers are managing supply chain risk in critical building systems. She explains how sourcing, localized redundancy, and flexible infrastructure design are


FCC Bans New Routers Made Outside the US Over National Security Risks

2026-03-25 at 15:07 By Ionut Arghire

The ban aligns with a White House determination that all routers produced abroad are a threat to national security. The post FCC Bans New Routers Made Outside the US Over National Security Risks appeared first on SecurityWeek.


Why your phishing simulations aren’t building a security culture

2026-03-25 at 08:07 By Help Net Security

Security culture isn’t built by phishing simulations. In this Help Net Security video, Dan Potter, VP of Cyber Resilience at Immersive, argues that annual training videos and quarterly phishing tests happen in calm, controlled settings that tell us nothing


Your security stack looks fine from the dashboard and that’s the problem

2026-03-25 at 08:07 By Anamarija Pogorelec

One in five enterprise endpoints is operating outside a protected and enforceable state on any given day, according to device telemetry collected across tens of millions of corporate PCs. That figure, drawn from Absolute Security’s 2026 Resilience


Stop building security goals around controls

2026-03-18 at 09:27 By Mirko Zorz

In this Help Net Security interview, Devin Rudnicki, CISO at Fitch Group, argues that security strategy fails when it loses its connection to business outcomes. Rudnicki walks through how to align security goals with corporate priorities, why CISOs must present risk in terms


Airbus CSO on supply chain blind spots, space threats, and the limits of AI red-teaming

2026-03-10 at 08:30 By Mirko Zorz

Pascal Andrei, CSO at Airbus, knows that the aerospace and defense sector is facing a threat environment that is evolving faster than most organizations can track. From sub-tier suppliers quietly becoming entry points for


ArmorCode Raises $16 Million for Exposure Management Platform

2026-03-06 at 18:14 By Ionut Arghire

The company will accelerate platform development, expand go-to-market efforts, and invest in product innovation. The post ArmorCode Raises $16 Million for Exposure Management Platform appeared first on SecurityWeek.


Security debt is becoming a governance issue for CISOs

2026-03-02 at 08:30 By Mirko Zorz

Application security backlogs keep expanding across large development portfolios. Veracode’s 2026 State of Software Security Report puts numbers behind a familiar operational pattern: fixes lag discovery, and older weaknesses stay open across release cycles. 2026 findings against the 2025 baseline


Four Risks Boards Cannot Treat as Background Noise

2026-02-26 at 19:30 By Steve Durbin

The goal isn’t about preventing every attack but about keeping the business running when attacks succeed. The post Four Risks Boards Cannot Treat as Background Noise appeared first on SecurityWeek.


The $19.5 million insider risk problem

2026-02-26 at 09:09 By Mirko Zorz

Routine employee activity across corporate systems carries an average annual cost of $19.5 million per organization. That figure comes from the 2026 Cost of Insider Risks Global Report, conducted by the Ponemon Institute and based on data from 354 organizations that experienced one


Lema AI Emerges From Stealth With $24 Million to Tackle Third-Party Risk 

2026-02-09 at 19:42 By Eduard Kovacs

The funding was raised over Series A and seed funding rounds for its supply chain security solution. The post Lema AI Emerges From Stealth With $24 Million to Tackle Third-Party Risk appeared first on SecurityWeek. This article


New Paper and Tool Help Security Teams Move Beyond Blind Reliance on CISA’s KEV Catalog

2026-02-09 at 11:10 By Kevin Townsend

The KEV list is useful but largely misunderstood. KEVology explains what it is, and how best to use it. The post New Paper and Tool Help Security Teams Move Beyond Blind Reliance on CISA’s


United Airlines CISO on building resilience when disruption is inevitable

2026-02-09 at 09:09 By Mirko Zorz

Aviation runs on complex digital systems built for stability, safety, and long lifecycles. That reality creates a unique cybersecurity challenge for airlines, where disruption can quickly become an operational and public trust crisis. In this Help Net Security interview,

