News, Insight and Analysis

News

• RSAC Conference 2025 video reports

  We chatted on camera with attendees and presenters at RSAC 2025. Check out this video collection to get highlights from one of the world's major cybersecurity conferences. Continue Reading

• Palo Alto announces ML-enabled software update and firewalls

  Palo Alto's updated PAN-OS software uses machine learning to analyze network traffic in real time, and two firewall appliances provide the processing power to support it. Continue Reading

• Hackers upping SSL usage for encrypted attacks, communications

  A report from cloud security vendor Zscaler found that cybercriminals are using secure connections to evade detection while carrying out network attacks. Continue Reading

• Accenture sheds more light on August data breach

  The IT services giant disclosed in an SEC filing that threat actors stole and leaked proprietary data during a LockBit ransomware attack earlier this year. Continue Reading

• Google digs into Iran's APT35 hacking group

  Covert phishing tactics and cleverly disguised notifications are among the calling cards of the increasingly sophisticated operation aimed at Iran's opponents. Continue Reading

Get Started

• Risk maturity model: How it works and how to use one

  Explore risk maturity models and assessment tools for enhancing enterprise risk management. Improve ERM programs to mitigate risk and gain a competitive edge. Continue Reading

• How to create a remote access policy, with template

  Remote work, while beneficial, presents numerous security risks. Help keep your organization's systems safe with a remote access policy. Continue Reading

• RFI vs. RFP vs. RFQ: How they differ and which is best for you

  RFIs, RFPs and RFQs all help software buying teams gather different information, and teams usually only send out one or two. Learn more about when to send out each document. Continue Reading

• Sustainability and ESG glossary: 52 terms to know

  Sustainable strategies require basic understanding of the fundamentals. Business leaders and IT teams can benefit from this list of essential sustainability terms and ESG concepts. Continue Reading

• How to build an incident response plan, with examples, template

  With cyberthreats and security incidents growing by the day, every organization needs a solid incident response plan. Learn how to create one for your company. Continue Reading

Evaluate

• 6 must-read blockchain books for 2025

  Numerous sources provide comprehensive information on blockchain fundamentals and applications. We narrowed the field to six of the most popular and diverse books available. Continue Reading

• The ultimate guide to cybersecurity planning for businesses

  This in-depth cybersecurity planning guide provides information and advice to help organizations develop a successful strategy to protect their IT systems from attacks. Continue Reading

• 17 potential costs of shadow IT

  Companies should be vigilant and consider the significant costs associated with shadow IT. Learn about these overlooked issues and how they affect the organization. Continue Reading

• What are the pros and cons of shadow IT?

  The increase of generative AI, digital natives and remote work drives the rise of shadow IT. CIOs and IT leaders should evaluate the pros and cons to mitigate potential risks. Continue Reading

• Top incident response service providers, vendors and software

  Get help deciding between using in-house incident response software or outsourcing to an incident response service provider, and review a list of leading vendor options. Continue Reading

Manage

• What is a compliance audit? (with an example checklist)

  A compliance audit is critical for finding any potential compliance gaps in an organization's operations. Here's what companies can do to prepare for them. Continue Reading

• Compliance stakeholders and how to work with them

  Stakeholders' involvement can strengthen an organization's compliance program. Learn best practices for engaging key stakeholders in compliance initiatives. Continue Reading

• The top 4 sustainable marketing challenges

  Sustainable marketing shows consumers that an organization takes environmental and social responsibility seriously. Yet, marketers must use careful language to avoid greenwashing. Continue Reading

• 5 cybersecurity risks and challenges in supply chain

  Supply chains have a range of connection points -- and vulnerabilities. Learn which vulnerabilities hackers look for first and how leaders can fend them off. Continue Reading

• Top 10 types of information security threats for IT teams

  Know thine enemy -- and the common security threats that can bring an unprepared organization to its knees. Learn what these threats are and how to prevent them. Continue Reading

Problem Solve

• How do cybercriminals steal credit card information?

  Cybercriminals have various methods at their disposal to hack and exploit credit card information. Learn what they are, how to prevent them and what to do when hacked. Continue Reading

• 7 supply chain resilience strategies to use now

  Weather events, geopolitical unrest and other disruptions are occurring more frequently. These seven supply chain resilience techniques can help manage them. Continue Reading

• 8 dangers of shadow IT and how to manage them

  Unauthorized devices, software and system changes -- and other forms of shadow IT -- can expose organizations to a range of security risks. Here are ways to manage them. Continue Reading

• How to avoid malware on Linux systems

  Malware attacks are devastating to companies, and there is no exception for Linux systems. Consider updating systems and assigning correct permissions. Continue Reading

• CERT vs. CSIRT vs. SOC: What's the difference?

  What's in a name? Parse the true differences between a CERT, a CSIRT, a CIRT and a SOC, before you decide what's best for your organization. Continue Reading