Security Awareness Training Should Always Lead to Changes in Behavior
It's important to recognize that a core outcome of security awareness and training efforts needs to be changing behaviors.
AppSec Insights From Think 2019: Four Steps to Optimize Your Application Security Program
Whether you're a small startup or an international enterprise, a successful application security program involves more than just scanning for vulnerabilities.
Podcast: ‘You Can Never Have Too Much Encryption’
Companies are implementing encryption, but most defenses remain piecemeal. How can security leaders improve protection without sacrificing performance?
Rethinking the Industry’s Approach to the Cybersecurity Skills Gap
Until now, we've looked at the cybersecurity skills gap in a very broad sense, as if all security jobs and needs are equal. Maybe it's time we look at the skills gap problem in different ways.
Mobile Security Risks Are on the Rise, But Employers Continue to Cut Corners
While smartphones and tablets have become more ubiquitous in the workplace, organizations are flat out ignoring mobile security risks.
Preparing for the CCPA: Leverage GDPR Investments to Accelerate Readiness
To prepare for the CCPA and other upcoming data privacy regulations, start by applying the best practices and frameworks you used to achieve GDPR readiness when the regulation took effect last May.
Missed DNS Flag Day? It’s Not Too Late to Upgrade Your Domain Security
Whether or not you plan on using DNS cookies or DNSSEC, foreseeing an upgrade plan for your software to the latest version made available as part of DNS Flag Day is highly advised.
Adopting the NIST 800-53 Control Framework? Learn More About the Anticipated Changes in 2019
Organizations adopting NIST 800-53 should understand how upcoming changes will affect senior leadership accountability, data privacy and third-party assessments.
Threat Actor Using Fake LinkedIn Job Offers to Deliver More_eggs Backdoor
Security researchers discovered that a threat actor is targeting LinkedIn users with fake job offers to deliver the More_eggs backdoor.
Are You Really Covered by Your Cyber Insurance?
Statistically, you're probably not. Even those with cyber insurance often have policies that leave them exposed to certain types of breaches, regulatory fines and real-world financial losses.