Risk management

A successful risk management plan helps enterprises identify, plan for and mitigate potential risks. Learn about the components of risk management programs, including penetration tests, vulnerability and risk assessments, frameworks, security awareness training and more.

August 18, 2022 18 Aug'22
Russian cyber attacks on Ukraine driven by government groups

Researchers with Trustwave say the cyber attacks against Ukraine are not the work of enlisted private hacking groups but Russian government intelligence agencies.
August 16, 2022 16 Aug'22
For cyber insurance, some technology leads to higher premiums

Though cyber insurance demand is exceeding supply and companies might receive less coverage with higher premiums, experts say there are ways enterprises can reduce risk.
August 16, 2022 16 Aug'22
Zero Day Initiative seeing an increase in failed patches

In a Q&A with TechTarget Editorial, Trend Micro Zero Day Initiative's Brian Gorenc and Dustin Childs discuss incomplete patches and the value of personal researcher relations.
August 11, 2022 11 Aug'22
Researchers reveal Kubernetes security holes, prevention

Researchers with Palo Alto Networks took the stage at Black Hat to explain how configurations and system privileges in Kubernetes clusters can allow container escape and takeover.

Bring yourself up to speed with our introductory content

How to create a threat profile, with template

Read five key steps on how to create a threat profile, and get started making them customized to your organization with our free template. Continue Reading
Data masking vs. data encryption: How do they differ?

Discover how the data security techniques of data masking and data encryption compare, while also learning about different types of both and their use cases. Continue Reading
insider threat

An insider threat is a category of risk posed by those who have access to an organization's physical or digital assets. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

5 data security challenges enterprises face today

Data empowers enterprises to succeed. But with great power comes great responsibility -- to keep that data secure. Here are five challenges today's businesses must meet. Continue Reading
Cybersecurity lessons learned from COVID-19 pandemic

Cybersecurity lessons companies learn from the COVID-19 pandemic include having work-from-home preparations and developing disaster recovery and business continuity plans. Continue Reading
How to define cyber-risk appetite as a security leader

In this excerpt from 'The CISO Evolution: Business Knowledge for Cybersecurity Executives,' learn how to define and communicate an enterprise's true cyber-risk appetite. Continue Reading

Learn to apply best practices and optimize your operations.

How to ensure a secure metaverse in your organization

Before deploying your company's metaverse, follow these practices -- including inventorying vulnerabilities and developing T&Cs -- to proactively address metaverse security issues. Continue Reading
5 tips for building a cybersecurity culture at your company

As a company's cyber risks evolve, so must its culture. Here are five tips for creating a cybersecurity culture that protects the business and is meaningful for employees. Continue Reading
Cybersecurity skills gap: Why it exists and how to address it

The cybersecurity skills shortage is putting enterprises at risk. Worse, it shows no sign of abating. Here is why it's happening and what employers can do to mitigate the problem. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

A guide to MSP patch management best practices

As software patch management challenges mount, industry experts offer advice to MSPs on prioritizing system risk levels, selecting proper tools and testing patches internally. Continue Reading
Prepare for deepfake phishing attacks in the enterprise

Deepfake phishing has already cost at least one company $243,000. Learn how cybersecurity leaders can train users to recognize this emerging attack vector. Continue Reading
Case study: Why it's difficult to attribute nation-state attacks

If two attacks look similar, don't assume they're from the same attacker. It's difficult to attribute nation-state attacks, as evidenced by the notorious 2016 Odinaff malware. Continue Reading