strategy

Rethinking AppSec: How DevOps, containers, and serverless are changing the rules

Application Security, automation, Bright, CISO, cybersecurity, DevOps, Don't miss, Features, Hot stuff, News, opinion, serverless, strategy, tips /

Rethinking AppSec: How DevOps, containers, and serverless are changing the rules 2025-05-07 at 08:32 By Mirko Zorz Application security is changing fast. In this Help Net Security interview, Loris Gutic, Global CISO at Bright, talks about what it takes to keep up. Gutic explains how DevOps, containers, and serverless tools are shaping security, and shares […]

React to this headline:

Loading spinner

Rethinking AppSec: How DevOps, containers, and serverless are changing the rules Read More »

What it really takes to build a resilient cyber program

CISO, cyber resilience, cybersecurity, Don't miss, Features, Hot stuff, News, Nightwing, opinion, regulation, strategy, tips, vulnerability management /

What it really takes to build a resilient cyber program 2025-05-06 at 08:32 By Mirko Zorz In this Help Net Security interview, Dylan Owen, CISO at Nightwing, talks about what it really takes to build an effective defense: choosing the right frameworks, setting up processes, and getting everyone on the same page. Drawing on both

React to this headline:

Loading spinner

What it really takes to build a resilient cyber program Read More »

Key tips to stay safe from deepfake and AI threats

deepfakes, Don't miss, News, Polyguard, scams, strategy, threats, tips, Video /

Key tips to stay safe from deepfake and AI threats 2025-05-06 at 07:31 By Help Net Security In this Help Net Security video, Joshua McKenty, CEO of Polyguard, talks about how to protect yourself from deepfake and AI threats, which are getting harder to spot and easier to launch. Attackers can clone your voice or

React to this headline:

Loading spinner

Key tips to stay safe from deepfake and AI threats Read More »

How CISOs can talk cybersecurity so it makes sense to executives

boardroom, CISO, CXO, cyber risk, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, Optiv Security, security controls, security ROI, Splunk, strategy, Team8, tips /

How CISOs can talk cybersecurity so it makes sense to executives 2025-05-05 at 09:02 By Mirko Zorz CISOs know cyber risk is business risk. Boards don’t always see it that way.​ For years, CISOs have struggled to get boards to understand security beyond buzzwords. Many feel they’re either ignored or misunderstood. But with threats growing

React to this headline:

Loading spinner

How CISOs can talk cybersecurity so it makes sense to executives Read More »

Review: Effective Vulnerability Management

Aquia, books, Don't miss, News, Reviews, skill development, strategy, tips, vulnerability management /

Review: Effective Vulnerability Management 2025-05-05 at 08:03 By Mirko Zorz Effective Vulnerability Management offers a view of a key part of cybersecurity, showing how practices, tools, and processes can help organizations reduce risk. About the authors Chris Hughes is the President of Aquia, a cybersecurity leader with 20 years of public and private sector experience,

React to this headline:

Loading spinner

Review: Effective Vulnerability Management Read More »

Why SMEs can no longer afford to ignore cyber risk

CISO, cybersecurity, Don't miss, Europe, Features, Government, Hot stuff, News, opinion, strategy, tips, UK /

Why SMEs can no longer afford to ignore cyber risk 2025-05-01 at 09:32 By Mirko Zorz In this Help Net Security interview, Steven Furnell, Professor of Cyber Security at the University of Nottingham, illustrates how small and medium-sized businesses (SMEs) must reassess their risk exposure and prioritize resilience to safeguard their long-term growth and stability.

React to this headline:

Loading spinner

Why SMEs can no longer afford to ignore cyber risk Read More »

What’s worth automating in cyber hygiene, and what’s not

1Password, authentication, automation, BitSight, CISO, credentials, cyber hygiene, cybersecurity, Don't miss, enterprise, Features, Hot stuff, News, passwords, patching, strategy, Swimlane, tips /

What’s worth automating in cyber hygiene, and what’s not 2025-04-29 at 09:05 By Mirko Zorz Cyber hygiene sounds simple. Patch your systems, remove old accounts, update your software. But for large organizations, this gets messy fast. Systems number in the thousands. Teams are scattered. Some machines haven’t been rebooted in months. Automation can help. But

React to this headline:

Loading spinner

What’s worth automating in cyber hygiene, and what’s not Read More »

Ransomware attacks are getting smarter, harder to stop

backup, cybersecurity, News, Ransomware, report, resilience, strategy, Veeam Software /

Ransomware attacks are getting smarter, harder to stop 2025-04-28 at 07:36 By Help Net Security Ransomware attacks are becoming more refined and pervasive, posing significant challenges to organizations globally. A Veeam report reveals that while the percentage of companies impacted by ransomware attacks has slightly declined from 75% to 69%, the threat remains substantial. This

React to this headline:

Loading spinner

Ransomware attacks are getting smarter, harder to stop Read More »

The legal blind spot of shadow IT

Auvik Networks, CISO, cybersecurity, Data Protection, data security, Don't miss, Features, Hot stuff, how-to, JumpCloud, News, shadow IT, strategy, tips /

The legal blind spot of shadow IT 2025-04-22 at 09:36 By Mirko Zorz Shadow IT isn’t just a security risk, it’s a legal one. When teams use unsanctioned tools, they can trigger compliance violations, expose sensitive data, or break contracts. Let’s look at where the legal landmines are and what CISOs can do to stay

React to this headline:

Loading spinner

The legal blind spot of shadow IT Read More »

When ransomware strikes, what’s your move?

CISO, cybercrime, cybersecurity, Don't miss, News, Ransomware, strategy /

When ransomware strikes, what’s your move? 2025-04-18 at 08:37 By Sinisa Markovic Should we negotiate? Should we pay? These are the questions every organization faces when cybercriminals lock their data. By the time attackers have encrypted your systems, the focus shifts from prevention to response. It’s no longer about how it happened, it’s about what

React to this headline:

Loading spinner

When ransomware strikes, what’s your move? Read More »

When AI agents go rogue, the fallout hits the enterprise

Artificial Intelligence, AutoRABIT, CXO, cybersecurity, Don't miss, Features, Hot stuff, LLMs, News, SOC, strategy, tips /

When AI agents go rogue, the fallout hits the enterprise 2025-04-17 at 08:45 By Mirko Zorz In this Help Net Security interview, Jason Lord, CTO at AutoRABIT, discusses the cybersecurity risks posed by AI agents integrated into real-world systems. Issues like hallucinations, prompt injections, and embedded biases can turn these systems into vulnerable targets. Lord

React to this headline:

Loading spinner

When AI agents go rogue, the fallout hits the enterprise Read More »

When companies merge, so do their cyber threats

Black Creek Cyber Security, CISO, CXO, cybersecurity, Data Protection, data security, Don't miss, Features, Hot stuff, Lumifi, market, News, regulation, strategy, tips, Twinstake /

When companies merge, so do their cyber threats 2025-04-16 at 09:13 By Mirko Zorz For CISOs, mergers and acquisitions (M&A) bring both potential and risk. These deals can drive growth, but they also open the door to serious cybersecurity threats that may derail the transaction. Strong due diligence, smart risk planning, and a shared security

React to this headline:

Loading spinner

When companies merge, so do their cyber threats Read More »

Strategic AI readiness for cybersecurity: From hype to reality

Artificial Intelligence, Aryaka, Compliance, cybersecurity, Don't miss, Expert analysis, Expert corner, framework, Hot stuff, News, opinion, strategy /

Strategic AI readiness for cybersecurity: From hype to reality 2025-04-16 at 08:34 By Help Net Security AI readiness in cybersecurity involves more than just possessing the latest tools and technologies; it is a strategic necessity. Many companies could encounter serious repercussions, such as increased volumes of advanced cyber threats, if they fail to exploit AI

React to this headline:

Loading spinner

Strategic AI readiness for cybersecurity: From hype to reality Read More »

The quiet data breach hiding in AI workflows

access control, Artificial Intelligence, CISO, cybersecurity, data security, Don't miss, Features, Hot stuff, how-to, LayerX, LLMs, News, opinion, strategy, tips /

The quiet data breach hiding in AI workflows 2025-04-14 at 08:30 By Mirko Zorz As AI becomes embedded in daily business workflows, the risk of data exposure increases. Prompt leaks are not rare exceptions. They are a natural outcome of how employees use large language models. CISOs cannot treat this as a secondary concern. To

React to this headline:

Loading spinner

The quiet data breach hiding in AI workflows Read More »

Why security culture is crypto’s strongest asset

Crypto, Cryptocurrency, cybersecurity, Don't miss, Features, Grayscale, Hot stuff, News, opinion, strategy /

Why security culture is crypto’s strongest asset 2025-04-11 at 08:46 By Mirko Zorz In this Help Net Security interview, Norah Beers, CISO at Grayscale, discusses key security challenges in managing crypto assets, adversary tactics, private key management, and securing both hot and cold wallets. From a threat modeling perspective, what unique adversary tactics do you

React to this headline:

Loading spinner

Why security culture is crypto’s strongest asset Read More »

Why remote work is a security minefield (and what you can do about it)

cybersecurity, Don't miss, how-to, News, remote working, strategy, tips /

Why remote work is a security minefield (and what you can do about it) 2025-04-11 at 07:54 By Help Net Security Remote work is seen as more than a temporary solution, it’s a long-term strategy for many organizations. Remote work cybersecurity challenges Unsecured networks: Workers often operate from home or public Wi-Fi networks that don’t

React to this headline:

Loading spinner

Why remote work is a security minefield (and what you can do about it) Read More »

Why CISOs are doubling down on cyber crisis simulations

CISO, Cloud Range, crisis management, cybersecurity, Don't miss, Features, Hack The Box, Hot stuff, how-to, Immersive, News, opinion, Sophos, strategy, tips /

Why CISOs are doubling down on cyber crisis simulations 2025-04-09 at 09:03 By Mirko Zorz Cyber threats aren’t going away, and CISOs know prevention isn’t enough. Being ready to respond is just as important. Cyber crisis simulations offer a way to test that readiness. They let teams walk through real-world scenarios in a controlled setting,

React to this headline:

Loading spinner

Why CISOs are doubling down on cyber crisis simulations Read More »

Transforming cybersecurity into a strategic business enabler

CISO, cyber risk, cybersecurity, Don't miss, Ecolab, enterprise, Features, Hot stuff, News, Risk Management, security standard, strategy, tips /

Transforming cybersecurity into a strategic business enabler 2025-04-09 at 08:20 By Mirko Zorz In this Help Net Security interview, Kevin Serafin, CISO at Ecolab, discusses aligning security strategy with long-term business goals, building strong partnerships across the organization, and approaching third-party risk with agility. How do you define cyber risk within your organization’s overall enterprise

React to this headline:

Loading spinner

Transforming cybersecurity into a strategic business enabler Read More »

Observability is security’s way back into the cloud conversation

Cloud, cloud adoption, cybersecurity, Don't miss, Features, Hot stuff, New Relic, News, opinion, strategy /

Observability is security’s way back into the cloud conversation 2025-04-08 at 08:02 By Mirko Zorz In this Help Net Security interview, Esteban Gutierrez, CISO and VP of Information Security at New Relic, discusses how the adoption of cloud infrastructure is outpacing security readiness. He shares strategies for overcoming common misconfigurations and optimizing access controls in

React to this headline:

Loading spinner

Observability is security’s way back into the cloud conversation Read More »

CISOs battle security platform fatigue

BeyondTrust, CISO, Don't miss, Features, Gigamon, Hot stuff, Ivanti, News, opinion, Panaseer, strategy, Syxsense, tips, Tuskira /

CISOs battle security platform fatigue 2025-04-07 at 08:31 By Mirko Zorz It starts with good intentions. A tool to stop phishing. Another to monitor endpoints. One more for cloud workloads. Soon, a well-meaning CISO finds themselves managing dozens of products across teams, each with its own dashboard, alerts, and licensing headaches. Welcome to the age

React to this headline:

Loading spinner

CISOs battle security platform fatigue Read More »

Scroll to Top