Risk management

A successful risk management plan helps enterprises identify, plan for and mitigate potential risks. Learn about the components of risk management programs, including penetration tests, vulnerability and risk assessments, frameworks, security awareness training and more.

August 10, 2022 10 Aug'22
Chris Krebs: It's still too hard to work with the government

Former CISA Director Chris Krebs offered multiple areas of improvement to the U.S. government's cyber readiness during a Black Hat 2022 keynote.
August 09, 2022 09 Aug'22
IT pros weigh COVID-19 risks, safety at tech conferences

Companies preparing to send employees to tech conferences should have a COVID-19 safety plan and prepare for the possibility that some workers will bring the virus back to the office.
July 13, 2022 13 Jul'22
Supreme Court justices doxxed on dark web

Five conservative Supreme Court justices were reportedly doxxed by threat actors that claim to have obtained credit card numbers, addresses and other information.
July 07, 2022 07 Jul'22
Early detection crucial in stopping BEC scams

Cofense Intelligence studied hundreds of business email compromise attacks and found that most scams attempt to establish trust with targeted employees over multiple emails.

Bring yourself up to speed with our introductory content

Data masking vs. data encryption: How do they differ?

Discover how the data security techniques of data masking and data encryption compare, while also learning about different types of both and their use cases. Continue Reading
insider threat

An insider threat is a category of risk posed by those who have access to an organization's physical or digital assets. Continue Reading
VMDR: Inside vulnerability management, detection and response

VMDR offers automated asset identification, threat prioritization and patch management. But do companies need another vulnerability management tool? Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

5 data security challenges enterprises face today

Data empowers enterprises to succeed. But with great power comes great responsibility -- to keep that data secure. Here are five challenges today's businesses must meet. Continue Reading
Cybersecurity lessons learned from COVID-19 pandemic

Cybersecurity lessons companies learn from the COVID-19 pandemic include having work-from-home preparations and developing disaster recovery and business continuity plans. Continue Reading
How to define cyber-risk appetite as a security leader

In this excerpt from 'The CISO Evolution: Business Knowledge for Cybersecurity Executives,' learn how to define and communicate an enterprise's true cyber-risk appetite. Continue Reading

Learn to apply best practices and optimize your operations.

How does proper SSH key management protect your network?

SSH connects key systems and the people and processes necessary to keep them functioning. Learn how to use SSH key management best practices to protect your systems and network. Continue Reading
Top 4 best practices to secure the SDLC

NIST's Secure Software Development Framework is a set of practices for mitigating software vulnerabilities. Learn about the top SDLC best practices included in this framework. Continue Reading
How to address security risks in GPS-enabled devices

GPS-enabled devices not only pose personal risks but also pose risks to organizations. Learn about the security risks associated with tracking devices and how to address them. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

A guide to MSP patch management best practices

As software patch management challenges mount, industry experts offer advice to MSPs on prioritizing system risk levels, selecting proper tools and testing patches internally. Continue Reading
Prepare for deepfake phishing attacks in the enterprise

Deepfake phishing has already cost at least one company $243,000. Learn how cybersecurity leaders can train users to recognize this emerging attack vector. Continue Reading
Case study: Why it's difficult to attribute nation-state attacks

If two attacks look similar, don't assume they're from the same attacker. It's difficult to attribute nation-state attacks, as evidenced by the notorious 2016 Odinaff malware. Continue Reading