tips

Despite economic uncertainty, organizations are prioritizing SaaS security investments

Adaptive Shield, CISO, Cloud Security Alliance, cybersecurity, Don't miss, Hot stuff, News, report, SaaS, strategy, survey, tips, Video /

Despite economic uncertainty, organizations are prioritizing SaaS security investments 2024-07-23 at 06:31 By Mirko Zorz In this Help Net Security video, Maor Bin, CEO and Co-Founder of Adaptive Shield, discusses the key findings of their recent annual SaaS Security Survey Report, conducted in partnership with the Cloud Security Alliance (CSA). Seventy percent of organizations have […]

React to this headline:

Loading spinner

Despite economic uncertainty, organizations are prioritizing SaaS security investments Read More »

Travel scams exposed: How to recognize and avoid them

cybersecurity, Don't miss, Expel, Hot stuff, how-to, News, scams, tips, travel industry, Video /

Travel scams exposed: How to recognize and avoid them 2024-07-11 at 06:31 By Help Net Security In this Help Net Security video, Aaron Walton, Threat Intel Analyst at Expel, discusses travel scams. For the past 18 months, the Expel SOC team has observed a campaign targeting administrative credentials for Booking.com. The attackers create phishing emails

React to this headline:

Loading spinner

Travel scams exposed: How to recognize and avoid them Read More »

Shadow engineering exposed: Addressing the risks of unauthorized engineering practices

Compliance, cyber risk, cybersecurity, Don't miss, Endor Labs, Hot stuff, how-to, News, strategy, tips, Video /

Shadow engineering exposed: Addressing the risks of unauthorized engineering practices 2024-07-09 at 06:31 By Help Net Security Shadow engineering is present in many organizations, and it can lead to security, compliance, and risk challenges. In this Help Net Security video, Darren Meyer, Staff Research Engineer at Endor Labs, discusses why it causes issues and how

React to this headline:

Loading spinner

Shadow engineering exposed: Addressing the risks of unauthorized engineering practices Read More »

Inside the minds of CISOs

Bugcrowd, CISO, cybersecurity, Don't miss, Hot stuff, News, strategy, tips, Video /

Inside the minds of CISOs 2024-07-02 at 06:31 By Help Net Security In this Help Net Security video, Nick McKenzie, CISO of Bugcrowd, discusses the key findings from their recent report, which comes at a crucial time as security leaders’ roles are being discussed more with the current risk landscape and the increasing need to

React to this headline:

Loading spinner

Inside the minds of CISOs Read More »

How to create your cybersecurity “Google Maps”: A step-by-step guide for security teams

Compliance, cybersecurity, Don't miss, Expert analysis, Expert corner, Gutsy, Hot stuff, News, opinion, tips, vulnerability management /

How to create your cybersecurity “Google Maps”: A step-by-step guide for security teams 2024-06-18 at 08:01 By Help Net Security Cybersecurity isn’t just about firewalls and antivirus. It’s about understanding how your defenses, people, and processes work together. Just like Google Maps revolutionized navigation, process mapping can revolutionize how you understand and manage your security

React to this headline:

Loading spinner

How to create your cybersecurity “Google Maps”: A step-by-step guide for security teams Read More »

Why CISOs need to build cyber fault tolerance into their business

Artificial Intelligence, automation, CISO, cybersecurity, Gartner, generative AI, News, report, Risk Management, tips /

Why CISOs need to build cyber fault tolerance into their business 2024-06-10 at 07:01 By Help Net Security CISOs who elevate response and recovery to equal status with prevention are generating more value than those who adhere to outdated zero tolerance for failure mindsets, according to Gartner. “Each new cybersecurity disruption exposes the fact that

React to this headline:

Loading spinner

Why CISOs need to build cyber fault tolerance into their business Read More »

US retailers under attack by gift card-thieving cyber gang

cybercrime, Don't miss, FBI, Hot stuff, Microsoft, News, Retail, tips /

US retailers under attack by gift card-thieving cyber gang 2024-05-24 at 14:01 By Zeljka Zorz Earlier this month, the FBI published a private industry notification about Storm-0539 (aka Atlas Lion), a Morocco-based cyber criminal group that specializes in compromising retailers and creating fraudulent gift cards. Microsoft then went more in-dept on the group’s tactics, techniques,

React to this headline:

Loading spinner

US retailers under attack by gift card-thieving cyber gang Read More »

US exposes scheme enabling North Korean IT workers to bypass sanctions

DOJ, Don't miss, enterprise, Hot stuff, News, North Korea, tips, USA /

US exposes scheme enabling North Korean IT workers to bypass sanctions 2024-05-17 at 14:46 By Zeljka Zorz The US Justice Department had unsealed charges against a US woman and an Ukranian man who, along with three unidentified foreign nationals, have allegedly helped North Korean IT workers work remotely for US companies under assumed US identities

React to this headline:

Loading spinner

US exposes scheme enabling North Korean IT workers to bypass sanctions Read More »

How a GRC consultant passed the CISSP exam in six weeks

certification, CISO, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Infoedge, ISC2, News, skill development, strategy, tips /

How a GRC consultant passed the CISSP exam in six weeks 2024-05-14 at 08:01 By Help Net Security Ask any IT security professional which certification they would consider to be the “gold standard” in terms of prestige, credibility, or difficulty, and almost invariably they will answer: the CISSP. If an organization is seeking some peace

React to this headline:

Loading spinner

How a GRC consultant passed the CISSP exam in six weeks Read More »

Are you meeting your cyber insurance requirements?

attacks, backup, Clumio, cyber insurance, cybersecurity, Don't miss, Hot stuff, patching, policy, security controls, strategy, tips, Video /

Are you meeting your cyber insurance requirements? 2024-05-14 at 06:31 By Help Net Security Cyber insurance policies are specifically designed to offer financial protection to organizations in the face of cyber attacks, data breaches, or other cybersecurity incidents. While they can provide a sense of security, it’s crucial to be aware of their limitations. In

React to this headline:

Loading spinner

Are you meeting your cyber insurance requirements? Read More »

6 tips to implement security gamification effectively

CISO, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, SeeMetrics, tips, training /

6 tips to implement security gamification effectively 2024-05-07 at 08:01 By Help Net Security There’s not a CISO in the industry who’s not aware of the extremely short median CISO tenure. That’s why the best CISOs are those who constantly seek ways to strengthen their teams. They help members evolve and grow in their roles,

React to this headline:

Loading spinner

6 tips to implement security gamification effectively Read More »

How to prepare for the CISSP exam: Tips from industry leaders

certification, CISO, cybersecurity, Don't miss, Features, Hot stuff, how-to, ISC2, News, skill development, strategy, tips /

How to prepare for the CISSP exam: Tips from industry leaders 2024-05-06 at 07:31 By Mirko Zorz The Certified Information Systems Security Professional (CISSP) is the most widely recognized certification in the information security industry. CISSP certifies that an information security professional possesses extensive technical and managerial expertise for designing, engineering, and managing an organization’s

React to this headline:

Loading spinner

How to prepare for the CISSP exam: Tips from industry leaders Read More »

Building a strong cloud security posture

cloud security, cybersecurity, Cymulate, Don't miss, Hot stuff, misconfiguration, policy, security controls, strategy, tips, Video /

Building a strong cloud security posture 2024-05-01 at 06:31 By Help Net Security In this Help Net Security video, David Kellerman, Field CTO at Cymulate, discusses how cloud security still seems to lag even as the cloud grows in popularity and usage. Many leaders are unaware that they need to secure the cloud the same

React to this headline:

Loading spinner

Building a strong cloud security posture Read More »

What is multi-factor authentication (MFA), and why is it important?

access management, authentication, BARR Advisory, cybersecurity, Don't miss, Hot stuff, MFA, password manager, passwords, Privacy, tips, Video /

What is multi-factor authentication (MFA), and why is it important? 2024-04-23 at 06:31 By Help Net Security Setting up MFA can seem daunting for consumers just beginning to clean up their security postures. In this Help Net Security video, Larry Kinkaid, Manager, Cybersecurity Consulting at BARR Advisory, shares tips for consumers who need simple, accessible

React to this headline:

Loading spinner

What is multi-factor authentication (MFA), and why is it important? Read More »

How to optimize your bug bounty programs

Artificial Intelligence, bug bounty, cybersecurity, Don't miss, Features, hacker, Hot stuff, machine learning, News, opinion, policy, regulation, risk assessment, Risk Management, strategy, tips, Zoom /

How to optimize your bug bounty programs 2024-04-22 at 08:02 By Mirko Zorz In this Help Net Security interview, Roy Davis, Manager – Vulnerability Management & Bug Bounty at Zoom, discusses the role bug bounty programs play in identifying security vulnerabilities and facilitating collaboration with researchers. He offers advice to organizations, stressing the importance of

React to this headline:

Loading spinner

How to optimize your bug bounty programs Read More »

Thinking outside the code: How the hacker mindset drives innovation

bug bounty, cybersecurity, Don't miss, education, Features, hacker, hacking, Hot stuff, Innovation, News, opinion, skill development, strategy, tips /

Thinking outside the code: How the hacker mindset drives innovation 2024-04-17 at 08:01 By Mirko Zorz Keren Elazari is an internationally recognized security analyst, author, and researcher. Since 2000, Keren has worked with leading Israeli security firms, government organizations, innovative start-ups, and Fortune 500 companies. She is the founder of BSidesTLV and Leading Cyber Ladies

React to this headline:

Loading spinner

Thinking outside the code: How the hacker mindset drives innovation Read More »

New open-source project takeover attacks spotted, stymied

backdoor, CISA, Don't miss, Endor Labs, Hot stuff, News, O'Reilly, open source, OpenJS Foundation, OpenSSF, social engineering, supply chain attacks, tips /

New open-source project takeover attacks spotted, stymied 2024-04-16 at 16:16 By Zeljka Zorz The OpenJS Foundation has headed off a “credible takeover attempt” similar to the one that resulted in a backdoor getting included in the open-source XZ Utils package by someone who called themselves “Jia Tan”. This malicious maintainer achieved that coveted position after

React to this headline:

Loading spinner

New open-source project takeover attacks spotted, stymied Read More »

5 free red teaming resources to get you started

cybersecurity, Don't miss, GitHub, Hot stuff, how-to, News, red team, strategy, tips /

5 free red teaming resources to get you started 2024-04-16 at 07:32 By Help Net Security Red teaming is evaluating the effectiveness of your cybersecurity by eliminating defender bias and adopting an adversarial perspective within your organization. Tactics may include anything from social engineering to physical security breaches to simulate a real-world advanced persistent threat.

React to this headline:

Loading spinner

5 free red teaming resources to get you started Read More »

Ransomware group maturity should influence ransom payment decision

cybercriminals, Don't miss, extortion, GuidePoint Security, Hot stuff, News, Ransomware, SMBs, tips /

Ransomware group maturity should influence ransom payment decision 2024-04-11 at 16:16 By Zeljka Zorz Your organization has been hit by ransomware and a decision has to be made on whether or not to make the ransom payment to get your data decrypted, deleted from attackers’ servers, and/or not leaked online. The decision will depend on

React to this headline:

Loading spinner

Ransomware group maturity should influence ransom payment decision Read More »

Scroll to Top