tips

Navigating SEC, NIS2, and DORA incident disclosure timelines under pressure

Compliance, Data Protection, News, regulation, strategy, tips, Video /

Navigating SEC, NIS2, and DORA incident disclosure timelines under pressure 2026-06-17 at 07:30 By Help Net Security In this Help Net Security video, Rick Goud, Global Field CTO at Kiteworks, discusses how to handle SEC, NIS2, and DORA disclosure timelines during a security incident. He opens with a 3.47 a.m. call: the team cannot confirm […]

Navigating SEC, NIS2, and DORA incident disclosure timelines under pressure Read More »

Reachability makes AI threat modeling worth the trust

CXO, cybersecurity, Don't miss, Features, Hot stuff, how-to, News, opinion, scanning, threat modeling, tips /

Reachability makes AI threat modeling worth the trust 2026-06-16 at 09:00 By Mirko Zorz In this interview with Help Net Security, Oscar Andersson, CTO at Oplane, explains why most scanning tools fail. They cry wolf, flagging threats that cannot run in real code. The argument centers on reachability. A finding counts only when someone walks

Reachability makes AI threat modeling worth the trust Read More »

EU Cybersecurity Act 2.0: When good regulation goes bad

BH Consulting, Brian Honan, Compliance, Data Protection, Don't miss, enterprise, EU, Europe, Expert analysis, Expert corner, Hot stuff, News, opinion, regulation, strategy, tips /

EU Cybersecurity Act 2.0: When good regulation goes bad 2026-06-16 at 08:30 By Help Net Security Over recent years we’ve witnessed the EU becoming increasingly serious about cybersecurity. After years of watching high profile breaches, many resulting from supply chain attacks targeting our critical infrastructure, that seriousness is welcome. But good intentions and good policy

EU Cybersecurity Act 2.0: When good regulation goes bad Read More »

Cyber resilience metrics that drive action

CISO, cyber resilience, cybersecurity, News, NormCyber, security metrics, strategy, tips, Video /

Cyber resilience metrics that drive action 2026-06-10 at 09:55 By Help Net Security In this Help Net Security video, Pete Bowers, COO at NormCyber, explains how organizations can build a cyber resilience metrics program that supports better decisions. He questions common ways of measuring resilience, such as risk registers, tool scores, and annual tests, and

Cyber resilience metrics that drive action Read More »

When attacks spread too far: Lessons from real cyber attack case studies

attack, cybersecurity, Illumio, News, strategy, threats, tips, Video /

When attacks spread too far: Lessons from real cyber attack case studies 2026-06-08 at 13:09 By Help Net Security In this Help Net Security video, Michael Adjei, Director, Systems Engineering at Illumio, explains three real world cyber attacks and what went wrong during detection. Adjei walks through a collaboration tool scam that copied Microsoft Teams,

When attacks spread too far: Lessons from real cyber attack case studies Read More »

AI agent governance gets harder when agents outnumber your people

agentic AI, CISO, cybersecurity, enterprise, News, opinion, strategy, tips, Video /

AI agent governance gets harder when agents outnumber your people 2026-06-05 at 09:24 By Help Net Security In this Help Net Security video, Amit Gautam, CTO at Abluva, explains the security risks that autonomous AI agents bring into enterprise environments. He opens with a real case: a reconciliation agent at a financial services firm had

AI agent governance gets harder when agents outnumber your people Read More »

What CISOs need to do about post-quantum migration in the next 24 months

CISO, Encryption, News, quantum computing, QuSecure, strategy, tips, Video /

What CISOs need to do about post-quantum migration in the next 24 months 2026-06-03 at 07:40 By Help Net Security In this Help Net Security video, Garfield Jones, SVP Global Strategy and Research, QuSecure, lays out what CISOs should do over the next 24 months. A recent Google paper moved the expected arrival of a

What CISOs need to do about post-quantum migration in the next 24 months Read More »

Zero trust physical security needs trust decisions at the edge

CCTV, CISO, cyber risk, cybersecurity, Don't miss, Features, hardware, Hot stuff, News, opinion, Risk Management, security cameras, strategy, tips, zero trust /

Zero trust physical security needs trust decisions at the edge 2026-06-02 at 09:09 By Mirko Zorz In this interview with Help Net Security, Chuck Davis, VP, Global Information Security at Hikvision, explains how zero trust applies to physical security systems like cameras and door controllers. He breaks down how to make trust decisions at the

Zero trust physical security needs trust decisions at the edge Read More »

Data discovery gaps that catch enterprises off guard

CISO, cybersecurity, data, Don't miss, enterprise, Features, Hot stuff, News, opinion, Schellman, SMBs, strategy, tips /

Data discovery gaps that catch enterprises off guard 2026-06-01 at 11:46 By Mirko Zorz In this interview with Help Net Security, Avani Desai, CEO at Schellman, talks about the gap between what organizations think they know about their data and what discovery scans turn up. She shares stories of shadow data in abandoned cloud storage,

Data discovery gaps that catch enterprises off guard Read More »

Governing shadow AI without killing innovation

AI, CISO, cybersecurity, News, strategy, tips, Video /

Governing shadow AI without killing innovation 2026-06-01 at 08:19 By Help Net Security In this Help Net Security video, Alan Snyder, CEO at NowSecure, talks about governing shadow AI without stopping innovation. He frames the problem as two opposing forces. Companies need to adopt AI fast because attackers and competitors will outpace them otherwise, but

Governing shadow AI without killing innovation Read More »

Building a risk-based vulnerability management program that scales

cyber risk, cybersecurity, News, Risk Management, strategy, tips, Video, vulnerability management /

Building a risk-based vulnerability management program that scales 2026-05-29 at 08:01 By Help Net Security In this Help Net Security video, Shankar Somasundaram, CEO at Asimily, explains how to build a risk-based vulnerability program. He notes that vulnerabilities are exploding by an order of magnitude in the age of AI-driven attacks, with one customer finding

Building a risk-based vulnerability management program that scales Read More »

The CISO selling confidence in a market full of breach headlines

AI, CISO, cyber risk, cybersecurity, Don't miss, enterprise, Features, Hot stuff, identity management, identity protection, News, Risk Management, security operations, skill development, SOC, Span, strategy, tips /

The CISO selling confidence in a market full of breach headlines 2026-05-28 at 10:16 By Mirko Zorz Engineering teams across enterprise IT are writing their own software with AI coding assistants, spinning up agents that act on their behalf, and assigning those agents the same access privileges their human creators hold. The shift has pulled

The CISO selling confidence in a market full of breach headlines Read More »

Coinflow CISO on crypto payments security under AI pressure

APT, boardroom, CISO, communication, conferences, Crypto, cyber risk, cybercrime, cybersecurity, Don't miss, enterprise, Features, fraud, Hot stuff, News, opinion, Risk Management, Span, strategy, tips /

Coinflow CISO on crypto payments security under AI pressure 2026-05-27 at 09:24 By Mirko Zorz Crypto payment firms sit near the top of the target list for advanced persistent threat groups, and the workload on their security leaders keeps growing. Malcolm Portelli, CISO at Coinflow, runs the company’s security program from Malta. Coinflow is headquartered

Coinflow CISO on crypto payments security under AI pressure Read More »

The alert economy is driving security analyst burnout

burnout, cybersecurity, News, opinion, security operations, strategy, tips, Video /

The alert economy is driving security analyst burnout 2026-05-27 at 09:24 By Help Net Security In this Help Net Security video, Ido Livneh, CEO of Jazz, explains why security analysts burn out and what leaders can do about it. The cause, he argues, is not long hours but meaningless work. Analysts spend their days closing

The alert economy is driving security analyst burnout Read More »

Boards want cyber risk in dollars, not CVE counts

boardroom, CISO, communication, CVE, cyber risk, CYE, Don't miss, News, strategy, tips, Video /

Boards want cyber risk in dollars, not CVE counts 2026-05-25 at 08:11 By Help Net Security In this Help Net Security video, Ziv Levi, SVP of Technology at CYE, explains why translating cyber risk into dollars is one of the most pressing tasks for security leaders. Boards and executives want cyber exposure described in business

Boards want cyber risk in dollars, not CVE counts Read More »

Why AI changed the threat model for travel technology

CISO, cyber risk, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, Risk Management, strategy, tips /

Why AI changed the threat model for travel technology 2026-05-21 at 09:16 By Mirko Zorz In this Help Net Security interview, Devon Bryan, SVP, Global CSO at Booking Holdings, reflects on his path from Air Force network security engineer to global CSO across financial services, hospitality, and travel technology. He discusses why the travel industry’s

Why AI changed the threat model for travel technology Read More »

Communicating cyber risk in dollars boards understand

boardroom, CISO, communication, conferences, cyber resilience, cyber risk, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, Span, strategy, tips /

Communicating cyber risk in dollars boards understand 2026-05-20 at 09:34 By Mirko Zorz In this Help Net Security interview, Nick Nieuwenhuis, Cybersecurity Architect at Nedscaper, explains why cybersecurity has not delivered the resilience that decades of investment have promised. He argues that spending has leaned too heavily on technical controls while neglecting people, processes, and

Communicating cyber risk in dollars boards understand Read More »

What happens when your identity provider becomes the kill chain

Atsign, authentication, cybersecurity, Don't miss, identity protection, News, OAuth, strategy, tips, Video /

What happens when your identity provider becomes the kill chain 2026-05-20 at 09:34 By Help Net Security In this Help Net Security video, Colin Constable, CTO at Atsign, explains why your identity provider (IdP) has become the kill chain in cyberattacks. Attackers steal session cookies, tokens, or consent grants you’ve already issued and walk in

What happens when your identity provider becomes the kill chain Read More »

Closing the AI governance gap in your enterprise

AI, CISO, cyber risk, cybersecurity, enterprise, News, strategy, tips, Video /

Closing the AI governance gap in your enterprise 2026-05-14 at 08:00 By Help Net Security In this Help Net Security video, Casey Bleeker, CEO at SurePath AI, talks about the AI governance gap that exists in almost every organization. Drawing from three years of conversations with IT, business, and security leaders, Casey explains why AI

Closing the AI governance gap in your enterprise Read More »

What Mozilla learned running an AI security bug hunting pipeline on Firefox

AI, Anthropic, BH Consulting, Brian Honan, code analysis, Don't miss, Firefox, Hot stuff, Mozilla, News, strategy, tips /

What Mozilla learned running an AI security bug hunting pipeline on Firefox 2026-05-08 at 01:14 By Mirko Zorz Over the past several months, Mozilla ran an agentic harness powered by Claude Mythos Preview across Firefox’s source code, identifying 271 security bugs that were fixed in Firefox 150, with additional fixes shipped in versions 149.0.2 and

What Mozilla learned running an AI security bug hunting pipeline on Firefox Read More »

Scroll to Top