New & Notable
News
Ransomware ramps up against private sector in November
Ransomware disclosures and reports increased again in November, with the most disruptive and dangerous attacks occurring against healthcare organizations.
Evaluate
5 network security predictions for 2024
Check out network security trends for 2024 from Enterprise Strategy Group, from SaaS security and rising DDoS attacks to network and endpoint convergence.
News
Fancy Bear hackers still exploiting Microsoft Exchange flaw
Microsoft and Polish Cyber Command warned enterprises that Russian nation-state hackers are exploiting CVE-2023-23397 to gain privileged access to Exchange email accounts.
Evaluate
Top 13 ransomware targets in 2024 and beyond
Two in three organizations suffered ransomware attacks in a single year, according to recent research. And, while some sectors bear the brunt, no one is safe.
Trending Topics
-
Data Security & Privacy News
Black Basta ransomware payments exceed $100M since 2022
Insurance provider Corvus and blockchain analytics vendor Elliptic partnered to examine how much damage the Black Basta ransomware group has caused in less than two years.
-
Threats & Vulnerabilities Evaluate
Top 13 ransomware targets in 2024 and beyond
Two in three organizations suffered ransomware attacks in a single year, according to recent research. And, while some sectors bear the brunt, no one is safe.
-
IAM Problem Solve
How to solve 2 MFA challenges: SIM swapping and MFA fatigue
While MFA improves account security, attacks still exploit it. Learn about two MFA challenges -- SIM swapping and MFA fatigue -- and how to mitigate them.
-
Analytics & Automation News
JPMorgan Chase CISO explains why he's an 'AI optimist'
Pat Opet, CISO at JPMorgan Chase & Co., discussed how the financial services giant invests in cybersecurity and where generative AI could provide game-changing benefits.
-
Network Security Evaluate
5 network security predictions for 2024
Check out network security trends for 2024 from Enterprise Strategy Group, from SaaS security and rising DDoS attacks to network and endpoint convergence.
-
Operations & Management Manage
7 key OT security best practices
Keeping operational technology secure requires vigilance and effort, especially as OT increasingly converges with IT. These cybersecurity best practices can help.
Topics Covered
Application and platform security
Careers and certifications
Cloud security
Compliance
Data security and privacy
Identity and access management
Network security
Risk management
Security analytics and automation
Security operations and management
Threat detection and response
Threats and vulnerabilities
Featured Authors
Find Solutions For Your Project
-
Evaluate
5 network security predictions for 2024
Check out network security trends for 2024 from Enterprise Strategy Group, from SaaS security and rising DDoS attacks to network and endpoint convergence.
-
Top 13 ransomware targets in 2024 and beyond
-
How passwordless authentication aids identity security
-
Cybersecurity budgets lose momentum in uncertain economy
-
-
Problem Solve
How to solve 2 MFA challenges: SIM swapping and MFA fatigue
While MFA improves account security, attacks still exploit it. Learn about two MFA challenges -- SIM swapping and MFA fatigue -- and how to mitigate them.
-
8 ways to cope with cybersecurity budget cuts
-
Top 7 cloud misconfigurations and best practices to avoid them
-
Top 10 tips for employees to prevent phishing attacks
-
-
Manage
7 key OT security best practices
Keeping operational technology secure requires vigilance and effort, especially as OT increasingly converges with IT. These cybersecurity best practices can help.
-
5 MFA implementation tips for organizations
-
15 benefits of outsourcing your cybersecurity operations
-
AI in risk management: Top benefits and challenges explained
-
-
E-Handbook | July 2021
Mitigating risk-based vulnerability management challenges
Download -
E-Handbook | June 2021
Security observability tools step up threat detection, response
Download -
E-Handbook | January 2021
SolarWinds supply chain attack explained: Need-to-know info
Download -
E-Handbook | November 2020
Cyber insurance 101: Timely guidance on an essential tool
Download -
E-Zine | November 2020
AI cybersecurity raises analytics' accuracy, usability
Download
Information Security Basics
-
Get Started
Mitre ATT&CK framework
The Mitre ATT&CK (pronounced miter attack) framework is a free, globally accessible knowledge base that describes the latest behaviors and tactics of cyber adversaries to help organizations strengthen their cybersecurity strategies.
-
Get Started
timing attack
A timing attack is a type of side-channel attack that exploits the amount of time a computer process runs to gain knowledge about or access a system.
-
Get Started
privileged identity management (PIM)
Privileged identity management (PIM) is the monitoring and protection of superuser accounts that hold expanded access to an organization's IT environments.
Multimedia
-
News
View All -
Threat detection and response
Fancy Bear hackers still exploiting Microsoft Exchange flaw
Microsoft and Polish Cyber Command warned enterprises that Russian nation-state hackers are exploiting CVE-2023-23397 to gain privileged access to Exchange email accounts.
-
Data security and privacy
Black Basta ransomware payments exceed $100M since 2022
Insurance provider Corvus and blockchain analytics vendor Elliptic partnered to examine how much damage the Black Basta ransomware group has caused in less than two years.
-
Threat detection and response
ScamClub spreads fake McAfee alerts to ESPN, AP, CBS sites
Malwarebytes said the malicious affiliate behind the fake virus alerts and other malvertising attacks has been flagged many times over the years, but McAfee has yet to take action.
Security Definitions
- CISO as a service (vCISO, virtual CISO, fractional CISO)
- What is cyber hygiene and why is it important?
- cardholder data environment (CDE)
- mandatory access control (MAC)