Identity & Access December 21, 2022

Beware of What Is Lurking in the Shadows of Your IT

6 min read - This post was written with contributions from Joseph Lozowski. Comprehensive incident preparedness requires building out and testing response plans that consider the possibility that threats will bypass all security protections. An example of a threat vector that can bypass security…

Network August 23, 2022

Beyond Shadow IT: Expert Advice on How to Secure the Next Great Threat Surface

4 min read - You’ve heard all about shadow IT, but there’s another shadow lurking on your systems: Internet of Things (IoT) devices. These smart devices are the IoT in shadow IoT, and they could be maliciously or unintentionally exposing information. Threat actors can…

Zero Trust September 15, 2021

X-Force Report: No Shortage of Resources Aimed at Hacking Cloud Environments

4 min read - As cybercriminals remain steadfast in their pursuit of unsuspecting ways to infiltrate today’s businesses, a new report by IBM Security X-Force highlights the top tactics of cybercriminals, the open doors users are leaving for them and the burgeoning marketplace for…

Cloud Security August 12, 2021

Security Awareness Training: Beyond Cliche Advice for Remote Workers

4 min read - I’ve read what seems like a million articles on how to make security awareness training more effective for remote workers. And honestly, they all seem to say the same thing. Teach employees the basics and give them a list of…

Software Vulnerabilities November 23, 2020

Shadow IT: Addressing the Risks in Remote Work Environments

3 min read - Shadow IT can cause big problems for cybersecurity. The trouble is in the name: these connections exist in the shadows outside of IT (information technology) and security personnel’s knowledge. So, what can IT leaders do to address it in a…

Data Protection May 13, 2020

How to Build Usability Into Your Security Program

3 min read - Having solid security measures in place is a necessary condition for achieving your organization's overarching goals, but user productivity requires both security and usability.

CISO March 13, 2020

Inadvertent Insider Threats Present a Unique Challenge to Organizations

4 min read - While we may imagine inadvertent insider threats as careless people clicking on dodgy emails, this image needs to be updated to include a wide variety of poor security hygiene behaviors.

CISO February 12, 2020

We Need More Than Security Awareness to Combat Insider Threats

4 min read - When I was new to this industry, I firmly believed that insider threats occurred because people didn't know how to be safe online.

CISO October 11, 2019

How Cybersecurity Salaries Fit Experience and Specialization

4 min read - Not too long ago, there was a one-size-fits-all assumption about cybersecurity jobs. Today, jobs are more specialized — with higher cybersecurity salaries to match.

CISO August 5, 2019

4 Questions CISOs Need to Ask About Enterprise Cybersecurity

4 min read - It's not always easy to ask the hard questions about enterprise cybersecurity. Here are four questions that CISOs need to answer to boost infosec impact.