tips

APT groups are getting personal, and CISOs should be concerned

APT, attacks, CISO, cybersecurity, Data Protection, Don't miss, Doppel, Features, Hot stuff, how-to, News, Privacy, strategy, threats, tips /

APT groups are getting personal, and CISOs should be concerned 2025-08-12 at 14:42 By Mirko Zorz Instead of focusing only on corporate systems, some APT groups are now going after executives in their personal lives. Home networks, private devices, and even family members have become targets. This approach works because executives often work remotely, store […]

React to this headline:

Loading spinner

APT groups are getting personal, and CISOs should be concerned Read More »

What makes a security program mature and how to get there faster

CISO, Don't miss, Hot stuff, News, PlexTrac, strategy, tips, Video /

What makes a security program mature and how to get there faster 2025-08-12 at 08:31 By Help Net Security Security leaders are flush with tools and data, but it’s not helping their programs mature. In this Help Net Security video, PlexTrac’s Dan DeCloss outlines the 3 key gaps holding security programs back and what sets

React to this headline:

Loading spinner

What makes a security program mature and how to get there faster Read More »

From legacy to SaaS: Why complexity is the enemy of enterprise security

access management, authentication, Bridge IT, CISO, cybersecurity, digital transformation, Don't miss, enterprise, Features, Hot stuff, identity verification, MFA, News, SaaS, security awareness, strategy, tips, zero trust /

From legacy to SaaS: Why complexity is the enemy of enterprise security 2025-08-11 at 08:32 By Mirko Zorz In this Help Net Security interview, Robert Buljevic, Technology Consultant at Bridge IT, discusses how the coexistence of legacy systems and SaaS applications is changing the way organizations approach security. He explains why finding the right balance

React to this headline:

Loading spinner

From legacy to SaaS: Why complexity is the enemy of enterprise security Read More »

Review: From Day Zero to Zero Day

books, Don't miss, how-to, News, Review, Reviews, skill development, strategy, tips, vulnerability assessment /

Review: From Day Zero to Zero Day 2025-08-11 at 08:02 By Mirko Zorz From Day Zero to Zero Day is a practical guide for cybersecurity pros who want to move beyond reading about vulnerabilities and start finding them. It gives a methodical look at how real vulnerability research is done. About the author Eugene Lim

React to this headline:

Loading spinner

Review: From Day Zero to Zero Day Read More »

Third-party partners or ticking time bombs?

CISO, cyber risk, cybersecurity, CyXcel, Don't miss, Hot stuff, News, resilience, Risk Management, strategy, supply chain, third party compromise, tips, Video /

Third-party partners or ticking time bombs? 2025-08-08 at 08:46 By Help Net Security In this Help Net Security video, Ngaire Elizabeth Guzzetti, Technical Director Supply Chain at CyXcel, discusses why a third of U.S. organizations don’t trust third-party vendors to manage critical risks and what that means for supply chain security. She breaks down the

React to this headline:

Loading spinner

Third-party partners or ticking time bombs? Read More »

Security tooling pitfalls for small teams: Cost, complexity, and low ROI

CISO, cloud security, Compliance, cybersecurity, Don't miss, Features, generative AI, GRC, Hot stuff, News, opinion, Risk Management, Scrut Automation, SMBs, strategy, tips /

Security tooling pitfalls for small teams: Cost, complexity, and low ROI 2025-08-05 at 10:11 By Mirko Zorz In this Help Net Security interview, Aayush Choudhury, CEO at Scrut Automation, discusses why many security tools built for large enterprises don’t work well for leaner, cloud-native teams. He explains how simplicity, integration, and automation are key for

React to this headline:

Loading spinner

Security tooling pitfalls for small teams: Cost, complexity, and low ROI Read More »

AIBOMs are the new SBOMs: The missing link in AI risk management

Artificial Intelligence, CISO, Compliance, cybersecurity, Don't miss, Features, Hot stuff, Manifest Cyber, News, opinion, risk, strategy, supply chain, tips /

AIBOMs are the new SBOMs: The missing link in AI risk management 2025-08-04 at 09:11 By Mirko Zorz In this Help Net Security interview, Marc Frankel, CEO at Manifest Cyber, discusses how overlooked AI-specific risks, like poisoned training data and shadow AI, can lead to security issues that conventional tools fail to detect. He explains

React to this headline:

Loading spinner

AIBOMs are the new SBOMs: The missing link in AI risk management Read More »

It’s time to sound the alarm on water sector cybersecurity

CISA, CISO, critical infrastructure, cyber risk, cybersecurity, News, Semperis, strategy, tips /

It’s time to sound the alarm on water sector cybersecurity 2025-08-01 at 09:07 By Sinisa Markovic A cyberattack on a water facility can put entire communities and businesses at risk. Even a short disruption in clean water supply can have serious public health and safety consequences, and threat actors know the damage they can cause.

React to this headline:

Loading spinner

It’s time to sound the alarm on water sector cybersecurity Read More »

The food supply chain has a cybersecurity problem

CISO, critical infrastructure, CXO, cyber risk, cybersecurity, Don't miss, Features, Government, News, regulation, strategy, tips /

The food supply chain has a cybersecurity problem 2025-07-30 at 08:30 By Sinisa Markovic It’s unsettling to think that our food supply chain could be targeted or that the safety of our food could be compromised. But this is exactly the challenge the agri-food sector is dealing with right now. Despite agriculture’s importance, cybersecurity in

React to this headline:

Loading spinner

The food supply chain has a cybersecurity problem Read More »

Why CISOs should rethink identity risk through attack paths

Black Hat USA 2025, CISO, cybersecurity, Don't miss, News, Non Human Identities, report, SpecterOps, strategy, survey, tips /

Why CISOs should rethink identity risk through attack paths 2025-07-30 at 08:00 By Sinisa Markovic Identity-based attack paths are behind most breaches today, yet many organizations can’t actually see how those paths form. The 2025 State of Attack Path Management report from SpecterOps makes the case that traditional tools like identity governance, PAM, and MFA

React to this headline:

Loading spinner

Why CISOs should rethink identity risk through attack paths Read More »

Fighting AI with AI: How Darwinium is reshaping fraud defense

Artificial Intelligence, authentication, automation, Black Hat USA 2025, CISO, cybersecurity, Darwinium, Don't miss, enterprise, Features, fraud, Hot stuff, LLMs, News, opinion, strategy, tips /

Fighting AI with AI: How Darwinium is reshaping fraud defense 2025-07-29 at 16:07 By Mirko Zorz AI agents are showing up in more parts of the customer journey, from product discovery to checkout. And fraudsters are also putting them to work, often with alarming success. In response, cyberfraud prevention leader Darwinium is launching two AI-powered

React to this headline:

Loading spinner

Fighting AI with AI: How Darwinium is reshaping fraud defense Read More »

The legal minefield of hacking back

bug bounty, CISO, cybersecurity, Don't miss, Features, framework, hacking, Hot stuff, ImmuneFi, law, News, opinion, strategy, tips /

The legal minefield of hacking back 2025-07-28 at 08:57 By Mirko Zorz In this Help Net Security interview, Gonçalo Magalhães, Head of Security at Immunefi, discusses the legal and ethical implications of hacking back in cross-border cyber incidents. He warns that offensive cyber actions risk violating international law, escalating conflicts, and harming innocent third parties.

React to this headline:

Loading spinner

The legal minefield of hacking back Read More »

How to fight document fraud with the latest tech tools

Compliance, Connecting Software, cybersecurity, Don't miss, fraud, News, regulation, strategy, tips, Video /

How to fight document fraud with the latest tech tools 2025-07-28 at 07:07 By Help Net Security In this Help Net Security video, Thomas Berndorfer, CEO of Connecting Software, explores cutting-edge technologies designed to detect and prevent document forgery and digital fraud. He presents four key approaches to verifying document authenticity: IDVT, PKI, AI-based methods,

React to this headline:

Loading spinner

How to fight document fraud with the latest tech tools Read More »

Ports are getting smarter and more hackable

attacks, China, CISO, critical infrastructure, cybersecurity, Don't miss, Government, Hacktivism, Iran, maritime industry, NATO, News, Russian Federation, strategy, threats, tips /

Ports are getting smarter and more hackable 2025-07-23 at 08:31 By Sinisa Markovic A new policy brief from NATO’s Cooperative Cyber Defence Centre of Excellence (CCDCOE) warns that critical port infrastructure, responsible for 80 percent of global trade, is increasingly under attack by threat actors tied to Russia, Iran, and China. These ports are essential

React to this headline:

Loading spinner

Ports are getting smarter and more hackable Read More »

What the law says about your next data breach

CISO, cyber risk, cybersecurity, News, opinion, Risk Management, Rockwell Automation, strategy, tips, Video /

What the law says about your next data breach 2025-07-22 at 10:13 By Help Net Security In this Help Net Security video, Chad Humphries, Solution Consultant, Networks & Cyber Security at Rockwell Automation, explores how cyber risk quantification is becoming essential for modern organizations. He breaks down global legal frameworks, AI’s growing role in dispute

React to this headline:

Loading spinner

What the law says about your next data breach Read More »

How to land your first job in cybersecurity

Artificial Intelligence, cybersecurity, cybersecurity jobs, DirectDefense, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, skill development, tips /

How to land your first job in cybersecurity 2025-07-21 at 09:54 By Help Net Security According to LinkedIn, job applications have surged over 45% in the past year, with 11,000 applications submitted every minute. This flood of applications is making it harder than ever for qualified candidates to stand out. The industry has become highly

React to this headline:

Loading spinner

How to land your first job in cybersecurity Read More »

Why silent authentication is the smarter way to secure BYOD

authentication, BYOD, CISO, cybersecurity, Don't miss, Hot stuff, News, strategy, tips, Video, Vonage /

Why silent authentication is the smarter way to secure BYOD 2025-07-17 at 09:08 By Help Net Security In this Help Net Security video, Andy Ulrich, CISO at Vonage, explains how silent authentication offers a smarter, seamless solution to the security and productivity challenges of BYOD. He breaks down how it works, why it matters, and

React to this headline:

Loading spinner

Why silent authentication is the smarter way to secure BYOD Read More »

Experts unpack the biggest cybersecurity surprises of 2025

AppSecEngineer, CISO, cybersecurity, Don't miss, Features, Gomboc, Hot stuff, News, Oleria, Optiv Security, strategy, tips /

Experts unpack the biggest cybersecurity surprises of 2025 2025-07-16 at 08:19 By Mirko Zorz 2025 has been a busy year for cybersecurity. From unexpected attacks to new tactics by threat groups, a lot has caught experts off guard. We asked cybersecurity leaders to share the biggest surprises they’ve seen so far this year and what

React to this headline:

Loading spinner

Experts unpack the biggest cybersecurity surprises of 2025 Read More »

Why your security team feels stuck

CISO, cybersecurity, Don't miss, Features, FireMon, Hot stuff, how-to, News, opinion, security operations, strategy, tips, Transcend /

Why your security team feels stuck 2025-07-09 at 08:44 By Mirko Zorz Cybersecurity friction usually gets framed as a user problem: password policies that frustrate employees, MFA that slows down logins, or blocked apps that send workers into the arms of shadow IT. But there’s a different kind of friction happening behind the scenes, and

React to this headline:

Loading spinner

Why your security team feels stuck Read More »

Review: Attack Surface Management

books, cybersecurity, Don't miss, Hot stuff, News, O'Reilly, Reviews, strategy, tips /

Review: Attack Surface Management 2025-07-07 at 08:04 By Mirko Zorz Attack Surface Management (ASM) has become one of those buzzwords that gets used a lot but rarely explained in detail. The authors of this book offer a practical guide that aims to change that. About the authors Ron Eddings is the Executive Producer at Hacker

React to this headline:

Loading spinner

Review: Attack Surface Management Read More »

Scroll to Top