What it really takes to build a resilient cyber program 2025-05-06 at 08:32 By Mirko Zorz In this Help Net Security interview, Dylan Owen, CISO at Nightwing, talks about what it really takes to build an effective defense: choosing the right frameworks, setting up processes, and getting everyone on the same page. Drawing on both […]
React to this headline:
What it really takes to build a resilient cyber program Read More »
How cybercriminals exploit psychological triggers in social engineering attacks 2025-05-06 at 08:03 By Sinisa Markovic Most attacks don’t start with malware; they begin with a message that seems completely normal, whether it comes through email, a phone call, or a chat, and that is exactly what makes them so effective. These threats rely on psychological
React to this headline:
How cybercriminals exploit psychological triggers in social engineering attacks Read More »
Key tips to stay safe from deepfake and AI threats 2025-05-06 at 07:31 By Help Net Security In this Help Net Security video, Joshua McKenty, CEO of Polyguard, talks about how to protect yourself from deepfake and AI threats, which are getting harder to spot and easier to launch. Attackers can clone your voice or
React to this headline:
Key tips to stay safe from deepfake and AI threats Read More »
How CISOs can talk cybersecurity so it makes sense to executives 2025-05-05 at 09:02 By Mirko Zorz CISOs know cyber risk is business risk. Boards don’t always see it that way. For years, CISOs have struggled to get boards to understand security beyond buzzwords. Many feel they’re either ignored or misunderstood. But with threats growing
React to this headline:
How CISOs can talk cybersecurity so it makes sense to executives Read More »
Review: Effective Vulnerability Management 2025-05-05 at 08:03 By Mirko Zorz Effective Vulnerability Management offers a view of a key part of cybersecurity, showing how practices, tools, and processes can help organizations reduce risk. About the authors Chris Hughes is the President of Aquia, a cybersecurity leader with 20 years of public and private sector experience,
React to this headline:
Review: Effective Vulnerability Management Read More »
New Microsoft accounts will be “passwordless by default” 2025-05-02 at 14:18 By Zeljka Zorz Microsoft is making new Microsoft accounts passwordless by default, the company has announced on Thursday, which marked this year’s World Password Day. “As part of [a recently simplified sign-in user experience], we’re changing the default behavior for new accounts,” Vasu Jakkal,
React to this headline:
New Microsoft accounts will be “passwordless by default” Read More »
Why SMEs can no longer afford to ignore cyber risk 2025-05-01 at 09:32 By Mirko Zorz In this Help Net Security interview, Steven Furnell, Professor of Cyber Security at the University of Nottingham, illustrates how small and medium-sized businesses (SMEs) must reassess their risk exposure and prioritize resilience to safeguard their long-term growth and stability.
React to this headline:
Why SMEs can no longer afford to ignore cyber risk Read More »
44% of the zero-days exploited in 2024 were in enterprise solutions 2025-04-29 at 21:18 By Zeljka Zorz In 2024, threat actors exploited 75 zero-days – i.e., vulnerabilities previously unknown to vendors, thus without a readily available patch – in a wide variety of attacks. Of these, 33 vulnerabilities (44%) affected enterprise solutions, which is up
React to this headline:
44% of the zero-days exploited in 2024 were in enterprise solutions Read More »
What’s worth automating in cyber hygiene, and what’s not 2025-04-29 at 09:05 By Mirko Zorz Cyber hygiene sounds simple. Patch your systems, remove old accounts, update your software. But for large organizations, this gets messy fast. Systems number in the thousands. Teams are scattered. Some machines haven’t been rebooted in months. Automation can help. But
React to this headline:
What’s worth automating in cyber hygiene, and what’s not Read More »
Understanding 2024 cyber attack trends 2025-04-24 at 13:04 By Zeljka Zorz Mandiant has released the M-Trends 2025 report, which outlines global cyber attack trends based on their own incident response engagements from 2024. Key trends and insights In 2024, Mandiant handled more incidents in the financial sector than in any other industry: 17.4%. Other popular
React to this headline:
Understanding 2024 cyber attack trends Read More »
The legal blind spot of shadow IT 2025-04-22 at 09:36 By Mirko Zorz Shadow IT isn’t just a security risk, it’s a legal one. When teams use unsanctioned tools, they can trigger compliance violations, expose sensitive data, or break contracts. Let’s look at where the legal landmines are and what CISOs can do to stay
React to this headline:
The legal blind spot of shadow IT Read More »
When AI agents go rogue, the fallout hits the enterprise 2025-04-17 at 08:45 By Mirko Zorz In this Help Net Security interview, Jason Lord, CTO at AutoRABIT, discusses the cybersecurity risks posed by AI agents integrated into real-world systems. Issues like hallucinations, prompt injections, and embedded biases can turn these systems into vulnerable targets. Lord
React to this headline:
When AI agents go rogue, the fallout hits the enterprise Read More »
When companies merge, so do their cyber threats 2025-04-16 at 09:13 By Mirko Zorz For CISOs, mergers and acquisitions (M&A) bring both potential and risk. These deals can drive growth, but they also open the door to serious cybersecurity threats that may derail the transaction. Strong due diligence, smart risk planning, and a shared security
React to this headline:
When companies merge, so do their cyber threats Read More »
The quiet data breach hiding in AI workflows 2025-04-14 at 08:30 By Mirko Zorz As AI becomes embedded in daily business workflows, the risk of data exposure increases. Prompt leaks are not rare exceptions. They are a natural outcome of how employees use large language models. CISOs cannot treat this as a secondary concern. To
React to this headline:
The quiet data breach hiding in AI workflows Read More »
Why remote work is a security minefield (and what you can do about it) 2025-04-11 at 07:54 By Help Net Security Remote work is seen as more than a temporary solution, it’s a long-term strategy for many organizations. Remote work cybersecurity challenges Unsecured networks: Workers often operate from home or public Wi-Fi networks that don’t
React to this headline:
Why remote work is a security minefield (and what you can do about it) Read More »
Why CISOs are doubling down on cyber crisis simulations 2025-04-09 at 09:03 By Mirko Zorz Cyber threats aren’t going away, and CISOs know prevention isn’t enough. Being ready to respond is just as important. Cyber crisis simulations offer a way to test that readiness. They let teams walk through real-world scenarios in a controlled setting,
React to this headline:
Why CISOs are doubling down on cyber crisis simulations Read More »
Transforming cybersecurity into a strategic business enabler 2025-04-09 at 08:20 By Mirko Zorz In this Help Net Security interview, Kevin Serafin, CISO at Ecolab, discusses aligning security strategy with long-term business goals, building strong partnerships across the organization, and approaching third-party risk with agility. How do you define cyber risk within your organization’s overall enterprise
React to this headline:
Transforming cybersecurity into a strategic business enabler Read More »
CISOs battle security platform fatigue 2025-04-07 at 08:31 By Mirko Zorz It starts with good intentions. A tool to stop phishing. Another to monitor endpoints. One more for cloud workloads. Soon, a well-meaning CISO finds themselves managing dozens of products across teams, each with its own dashboard, alerts, and licensing headaches. Welcome to the age
React to this headline:
CISOs battle security platform fatigue Read More »
Forward-thinking CISOs are shining a light on shadow IT 2025-04-04 at 08:32 By Mirko Zorz In this Help Net Security interview, Curtis Simpson, CISO and Chief Advocacy Officer at Armis, discusses how CISOs can balance security and innovation while managing the risks of shadow IT. Rather than focusing on restrictive policies, fostering proactive partnerships with
React to this headline:
Forward-thinking CISOs are shining a light on shadow IT Read More »
Building a cybersecurity strategy that survives disruption 2025-04-03 at 08:14 By Mirko Zorz Cybersecurity isn’t what it used to be. Attackers are moving quicker, disruptions happen all the time, and many security plans built for more predictable times just can’t keep up. With everything from ransomware to geopolitical threats to cloud slip-ups hitting companies, there’s
React to this headline:
Building a cybersecurity strategy that survives disruption Read More »