Latest Security Opinions
Those doing these early cybersecurity jobs ended up knowing a bit about everything and evolved into generalists. Since then, with so many new avenues of technology, most of these generalists either specialised or went into management. New recruits don’t have time to acquire the historical knowledge of generalists
False positives are a symptom of a problem, not the cause Security ‘alert fatigue’ is a real issue. According to a recent report from the SANS Institute, alert fatigue is one of the biggest barriers to retaining top security talent. Many of the most common security tools, including security incident and event management (SIEM) tools… Read More
Building a resilient defense against ransomware is becoming a ‘must-have’ for any organisation that takes the risks seriously and wants to protect its IT ecosystem from the downtime, disruption, and cost that frequently come with ransomware infections.
However powerful your leadership, however large your organisation, however advanced your systems and however well trained your personnel, the success or failure of your critical systems can be decided in one small “go or no go” moment
Essential guidance for keeping software truly secure A lot has been said about DevSecOps from experts, practitioners, pundits and vendors. However, recommendations that start and finish with securing code leave critical gaps. In order to keep software secure, businesses must go beyond just securing the code they are developing to also secure the pipeline that delivers that… Read More
Collectively we have a responsibility to ensure digital identity technologies are truly inclusive and don’t exclude or misrepresent the underrepresented, writes Cindy White, CMO, Mitek.
No one wants to suffer the consequences of a serious cyber-attack. But the challenge of identifying advanced phishing threats is increasing. Businesses must respond with urgency to avoid being fooled.
In this Q&A, we talk with Jason Soroko from SSL447, a managed cybersecurity services company recently acquired by Sectigo. Soroko explains the importance of Public Key Infrastructure to Digital Identity and its centrality to Zero Trust Architecture.
Teams tasked with leading the cybersecurity strategy in their organisation could learn a simple lesson from the grey squirrel and the red kite. The grey squirrel represents an error in strategy – creating the opportunity for an ill-informed decision that one cannot reverse once it’s made. Merely manage and mitigate. The Red Kite demonstrates that a well-informed strategic decision which provisions, enables and optimises the right individuals to thrive and flourish can succeed to staggering effect and impact.
Businesses that evaluate their security program under a security maturity model will be far better placed to react to the unexpected.
The ethical challenges, risks, and benefits of using cloud platforms in digital healthcare
Information always needs to be properly captured, stored, preserved, and disclosed when required. This issue is exacerbated further in the case of cloud storage, where business records are located outside the company’s perimeter.