Security operations and management

Cybersecurity operations and management are vital to protect enterprises against cyber threats. Learn how to create and manage infosec programs and SOCs, perform incident response and automate security processes. Also read up on security laws and regulations, best practices for CISOs and more.

Top Stories

Conference Coverage 16 May 2025
RSAC Conference 2025

Follow SearchSecurity's RSAC 2025 guide for insightful pre-conference insights and reports on notable presentations and breaking news at the world's biggest infosec event. Continue Reading
By
- Sharon Shea, Executive Editor
Feature 01 May 2025
RSAC 2025: The time for crypto-agility adoption is now

An RSAC 2025 speaker explained why companies should begin their quantum-safe journey now and how crypto-agility adoption helps prepare for post-quantum cryptography. Continue Reading
By
- Kyle Johnson, Technology Editor

Definition 16 May 2025
What is risk appetite?

Risk appetite is the amount of risk an organization or investor is willing to take in pursuit of objectives it deems have value. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
News 13 May 2025

Building effective security programs requires strategy, patience and clear vision

Capital One executives share insights on how organizations should design their security programs, implement passwordless technologies, and reduce their attack surface. Continue Reading
News 13 May 2025

Cyber then & now: Inside a 2-decade industry evolution

On Dark Reading's 19-year anniversary, Editor-in-Chief Kelly Jackson Higgins stops by Informa TechTarget's RSAC 2025 Broadcast Alley studio to discuss how things have changed since the early days of breaking Windows and browsers, lingering challenges, and what's next beyond AI. Continue Reading
Definition 09 May 2025
What is a security operations center (SOC)?

A security operations center (SOC) is a command center facility in which a team of information technology (IT) professionals with expertise in information security (infosec) monitors, analyzes and protects an organization from cyberattacks. Continue Reading
By
- Kinza Yasar, Technical Writer
- Paul Kirvan
- Sarah Lewis
News 06 May 2025

AI domination: RSAC 2025 social media roundup

Documented in a series of social media posts, cybersecurity experts shared with Dark Reading their insights on RSAC 2025 throughout the week. Continue Reading
News 02 May 2025

IBM uses agentic AI for autonomous security operations: RSAC 2025

The launch of IBM’s Autonomous Threat Operations Machine and X-Force Predictive Threat Intelligence agent were announced at the event. Continue Reading
News 02 May 2025

SANS top 5: Cyber has busted out of the SOC

This year's top cyber challenges include cloud authorization sprawl, ICS cyberattacks and ransomware, a lack of cloud logging and regulatory constraints keeping defenders from fully utilizing AI's capabilities. Continue Reading
Feature 01 May 2025
RSAC 2025: The time for crypto-agility adoption is now

An RSAC 2025 speaker explained why companies should begin their quantum-safe journey now and how crypto-agility adoption helps prepare for post-quantum cryptography. Continue Reading
By
- Kyle Johnson, Technology Editor
Feature 30 Apr 2025
RSAC Conference 2025 video reports

We chatted on camera with attendees and presenters at RSAC 2025. Check out this video collection to get highlights from one of the world's major cybersecurity conferences. Continue Reading
By
- Brenda L. Horrigan, Executive Managing Editor
News 29 Apr 2025

RSAC 2025: Cisco debuts latest AI cybersecurity innovations

In terms of innovation, Cisco says it's 'just getting warmed up.' Continue Reading
News 29 Apr 2025

U.S. critical infrastructure still struggles with OT security

How does a company defend itself from cyberattacks by a foreign adversary? A collection of experts gathered at this year's RSAC Conference to explain how the U.S. can help. Continue Reading
News 28 Apr 2025
Cisco AI Defense embeds with ServiceNow SecOps tools

Cisco AI Defense will feed in data and automate AI governance in ServiceNow SecOps products as enterprises seek a platform approach to cybersecurity. Continue Reading
By
- Beth Pariseau, Senior News Writer
News 28 Apr 2025
Cisco, former Google, Meta experts train cybersecurity LLM

Cisco's new Foundation AI group, which includes engineers from multiple companies, has released a compact AI reasoning model based on Llama 3 for cybersecurity to open source. Continue Reading
By
- Beth Pariseau, Senior News Writer
Opinion 25 Apr 2025
RSAC 2025 to center on agentic AI, GenAI in security

If AI continues to become more accurate and secure, automation and self-healing systems that strengthen security programs could be the future. Continue Reading
By
- Melinda Marks, Practice Director
Tip 24 Apr 2025
How to incorporate smishing into security awareness training

Smishing is a major threat on enterprise smartphones, but users might not know how it compares to traditional email phishing. IT can help block attacks with training and testing. Continue Reading
By
- Brien Posey
Definition 23 Apr 2025
What is ransomware? Definition and complete guide

Ransomware is malware that locks and encrypts a victim's data, files, devices or systems, rendering them inaccessible and unusable until the attacker receives a ransom payment. Continue Reading
By
- Sharon Shea, Executive Editor
- Alissa Irei, Senior Site Editor
Opinion 22 Apr 2025
3 EUC security topics I'll be looking for at RSAC 2025

There will be a ton of security topics that RSA Conference-goers can check out, but IT admins should be aware of three common themes surrounding email and endpoints. Continue Reading
By
- Gabe Knuth, Principal Analyst
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Tip 21 Apr 2025
How to create a CBOM for quantum readiness

Quantum is on the horizon -- is your organization ready to migrate to post-quantum cryptographic algorithms? Make a CBOM to understand where risky encryption algorithms are used. Continue Reading
By
- Rob Shapland
Tip 17 Apr 2025
Building mobile security awareness training for end users

Do concerns of malware, social engineering and unpatched software on employee mobile devices have you up at night? One good place to start is mobile security awareness training. Continue Reading
By
- Andrew Froehlich, West Gate Networks
Tip 17 Apr 2025
Tips to find cyber insurance coverage in 2025

Most businesses have a form of cyber insurance, either through cyber liability and data breach endorsements in traditional business policies or through standalone cyber policies. Continue Reading
By
- Kathleen Richards
Tip 14 Apr 2025
How to conduct ransomware awareness training for employees

As your organization's first line of defense, hold regular employee training on how to prevent, detect and respond to ransomware attacks. Continue Reading
By
- Sharon Shea, Executive Editor
Tutorial 14 Apr 2025
How to create custom sudo configuration files in /etc/sudoers

Sudo offers administrators a lot of flexibility. Creating custom sudo configurations can go a long way toward easing management and service upgrade challenges. Continue Reading
By
- Damon Garn, Cogspinner Coaction
Tip 08 Apr 2025
Ransomware payments: Considerations before paying

To pay or not to pay -- that's the question after a ransomware attack. Law enforcement recommends against it, but that doesn't stop some companies from paying up. Continue Reading
By
- Kyle Johnson, Technology Editor
Definition 08 Apr 2025
What is a side-channel attack?

A side-channel attack is a cybersecurity exploit that aims to gather information from or influence a system's program execution. It does this by measuring or exploiting indirect effects of the system or its hardware rather than directly targeting the program or its code. Continue Reading
By
- Scott Robinson, New Era Technology
- Gavin Wright
- Alexander S. Gillis, Technical Writer and Editor
Video 07 Apr 2025
An explanation of cybercrime

Cybercrime refers to criminal activity that uses a computer, networked device or network. Its many forms, from extortion to identity theft, can cause real damage to organizations. Continue Reading
By
- Tommy Everson, Assistant Editor
News 07 Apr 2025

RSAC unveils keynote speaker slate for RSAC 2025 Conference

RSAC, the company behind the world's largest and most influential cybersecurity conference, today announced its current lineup of keynote speakers for its upcoming RSAC 2025 Conference, taking place at the Moscone Center in San Francisco from April 28 – May 1. Continue Reading
News 04 Apr 2025

Trends at the 2024 RSAC startup competition

Startups at Innovation Sandbox 2024 brought clarity to artificial intelligence, protecting data from AI and accomplishing novel security solutions with new models. Continue Reading
News 04 Apr 2025

RSAC Conference 2025 Innovation Sandbox contest celebrates 20th anniversary

Starting in 2025, the RSAC Innovation Sandbox Top 10 Finalists will each receive a $5 million investment to drive cybersecurity innovation. Continue Reading
Opinion 31 Mar 2025
Security could be the use case AI PCs need

AI PCs have struggled to find a perfect use case, but the need for stronger security systems on local desktops, along with agentic AI might end that struggle. Continue Reading
By
- Gabe Knuth, Principal Analyst
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Opinion 26 Mar 2025
Making a case for the cybersecurity data fabric

When it comes to data, context is everything. Learn how a cybersecurity data fabric can supercharge a security team's ability to see the big picture. Continue Reading
By
- Tyler Shields
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Feature 13 Mar 2025
10 biggest data breaches in history, and how to prevent them

Did you know the biggest data breach in history exposed a whopping 3 billion user records? Don't make the same mistakes these companies did in the largest data breaches in history. Continue Reading
By
- Sharon Shea, Executive Editor
Tip 13 Mar 2025
How to build an application security program

A well-defined application security program that includes multilayer software testing, SBOMs, and documentation and standards is vital to protect apps from threat actors. Continue Reading
By
- Colin Domoney
Definition 11 Mar 2025
What is a copyright?

Copyright is a legal term describing ownership or control of the rights to use and distribute certain works of creative expression, including books, video, motion pictures, musical compositions and computer programs. Continue Reading
By
- Katie Terrell Hanna
- Peter Loshin, Former Senior Technology Editor
- Robert Richardson
Tip 07 Mar 2025
SEC cybersecurity disclosure rules, with checklist

Public companies must regularly share information about their cybersecurity practices and disclose details of material cyberincidents. Learn how to comply. Continue Reading
By
- Paul Kirvan
Tip 07 Mar 2025
Top 14 open source penetration testing tools

From Aircrack-ng to ZAP, these open source penetration testing tools are essential additions to any security pro's toolbox. Continue Reading
By
- Ed Moyle, SecurityCurve
Feature 06 Mar 2025
How to create a data security policy, with template

When it comes to data security, the devil is in the details. One critical detail organizations shouldn't overlook is a succinct yet detailed data security policy. Continue Reading
By
- Paul Kirvan
Tip 04 Mar 2025
Types of DNS servers and how they work, plus security threats

DNS security is a critical component of system administration. Learn about five types of DNS servers, what each does and the security threats each server faces. Continue Reading
By
- Damon Garn, Cogspinner Coaction
Definition 28 Feb 2025
What is a watering hole attack?

A watering hole attack is a security exploit in which the attacker seeks to compromise a specific group of end users by infecting websites that members of the group are known to visit. Continue Reading
By
- Mary E. Shacklett, Transworld Data
- Gavin Wright
- Madelyn Bacon, TechTarget
Definition 28 Feb 2025
What is the NSA and how does it work?

The National Security Agency (NSA) is a federal government surveillance and intelligence agency that's part of the U.S. Department of Defense and is managed under the authority of the director of national intelligence (DNI). Continue Reading
By
News 27 Feb 2025
CrowdStrike: China hacking has reached 'inflection point'

In its 2025 Global Threat Report, CrowdStrike observed an increase in China's cyber capabilities, with a focus on espionage and 'pre-positioning' itself in critical environments. Continue Reading
By
- Alexander Culafi, Senior News Writer
Opinion 24 Feb 2025
Security, cost attention mark new era of storage modernization

According to recent research, enterprises are prioritizing cybersecurity and cost management. Storage vendors such as NetApp are making these elements a focal point of products. Continue Reading
By
- Simon Robinson, Principal Analyst
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Definition 21 Feb 2025
What is application allowlisting?

Application allowlisting, previously known as 'application whitelisting,' is the practice of specifying an index of approved software applications or executable files that are permitted to be present and active on a computer system. Continue Reading
By
- Mary E. Shacklett, Transworld Data
- Brien Posey
- Peter Loshin, Former Senior Technology Editor
Tip 19 Feb 2025
9 tips for migrating between managed SOC providers

Switching between managed SOCs can be daunting, but with proper planning, organizations can successfully navigate it. One important tip: Document everything. Continue Reading
By
- Jerald Murphy, Nemertes Research
Definition 19 Feb 2025
What is challenge-response authentication?

In computer security, challenge-response authentication is a set of protocols used to protect digital assets and services from unauthorized users, programs and activities. Continue Reading
By
- Cameron Hashemi-Pour, Former Site Editor
- Linda Rosencrance
Definition 11 Feb 2025
What is information security management system (ISMS)?

An information security management system (ISMS) is a set of policies and procedures for systematically managing an organization's sensitive data. Continue Reading
By
- Paul Kirvan
- Kinza Yasar, Technical Writer
Tutorial 11 Feb 2025
How to use pfSense: Use cases and initial configurations

Open source firewall and routing software pfSense offers a compelling mix of capabilities that can work for organizations large and small. Continue Reading
By
- Damon Garn, Cogspinner Coaction
Definition 10 Feb 2025
What is ISO 27001?

ISO 27001, formally known as ISO/IEC 27001:2022, is an information security standard jointly created by the International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC). Continue Reading
By
- Paul Kirvan
- Katie Terrell Hanna
Definition 07 Feb 2025
What is physical security and how does it work?

Physical security protects personnel, hardware, software, networks, facilities and data from physical actions and events that could cause serious loss or damage to an enterprise, agency or institution. Continue Reading
By
- Mary E. Shacklett, Transworld Data
- Michael Cobb
Tip 05 Feb 2025
How to build an effective purple team playbook

Enterprises across a wide variety of vertical industries can benefit from purple team exercises that harness red and blue teams toward a common goal: reducing vulnerabilities. Continue Reading
By
- Amy Larsen DeCarlo, GlobalData
News 29 Jan 2025
CISO enlists agentic AI reinforcements for SecOps

AI agents are already in the hands of adversaries. One aerospace CISO has begun to use them to augment his SecOps staff and even the score. Continue Reading
By
- Beth Pariseau, Senior News Writer
News 28 Jan 2025
DeepSeek claims 'malicious attacks' disrupting AI service

DeepSeek, which gained popularity recently for its AI platform, did not specify the cause of 'large-scale malicious attacks,' which continue to disrupt new account registrations. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 27 Jan 2025
Former CSRB members largely silent on dismissal

The Cyber Safety Review Board was investigating recent attacks by Chinese state-sponsored threat actor Salt Typhoon when DHS terminated all advisory board memberships. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 24 Jan 2025
What is SAML (Security Assertion Markup Language)?

Security Assertion Markup Language (SAML) is an open standard for sharing security information about identity, authentication and authorization across different systems. Continue Reading
By
- Kinza Yasar, Technical Writer
- Peter Loshin, Former Senior Technology Editor
Podcast 23 Jan 2025
Review and predictions for open source software in 2025

Sigstore creator, Chainguard CEO, OpenSSF TAC member and Season 1 guest Dan Lorenc returns to review 2024 and make predictions for 2025. Continue Reading
By
- Beth Pariseau, Senior News Writer
Opinion 23 Jan 2025
Too many 'point'less tools: Platformization is better

Will 2025 be the year organizations ditch multiple point products and take a platform approach? Enterprise Strategy Group analyst Tyler Shields thinks it should be. Continue Reading
By
- Tyler Shields
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Podcast 22 Jan 2025
Cybersecurity expertise gaps: More than meets the eye

An S&P Global analyst charts the past, present and future of SecOps, where demand continues to outpace the supply of advanced skills. Continue Reading
By
- Beth Pariseau, Senior News Writer
News 22 Jan 2025
Cyber Safety Review Board axed in DHS cost-cutting move

Benjamine C. Huffman, acting secretary of the Department of Homeland Security under Trump, terminates the memberships for all DHS advisory committees, including the CSRB. Continue Reading
By
- Alexander Culafi, Senior News Writer
Podcast 21 Jan 2025
Risk & Repeat: What is the future of CISA?

South Dakota Gov. Kristi Noem, who is President Donald Trump's nominee for DHS secretary, said during a recent confirmation hearing that CISA should be 'smaller.' Continue Reading
By
- Alexander Culafi, Senior News Writer
News 17 Jan 2025
Biden order gives CISA software supply chain 'teeth'

The outgoing administration makes a Hail Mary attempt to salvage work it began in 2021 to require specific software supply chain security information from software suppliers. Continue Reading
By
- Beth Pariseau, Senior News Writer
News 15 Jan 2025
Cisco AI cybersecurity launch touts shadow AI defense

Cisco wields the power of incumbency to weave AI security into existing cloud access management tools, including algorithmic validation testing on AI models. Continue Reading
By
- Beth Pariseau, Senior News Writer
Tip 07 Jan 2025
Enterprise cybersecurity hygiene checklist for 2025

Enterprise cybersecurity hygiene must be a shared responsibility between employees and employers. Learn how both can get the job done with this checklist. Continue Reading
By
- Ashwin Krishnan, StandOutin90Sec
News 06 Jan 2025
Amit Yoran, Tenable CEO and cybersecurity advocate, dies at 54

Amit Yoran was a decades-long practitioner of cybersecurity and previously held key roles at the U.S. Department of Homeland Security, RSA Security and NetWitness. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 02 Jan 2025
Top 7 enterprise cybersecurity challenges in 2025

Security teams faced unprecedented challenges in 2024. The year ahead appears no less daunting. Here are the cybersecurity trends and safeguards to consider in 2025. Continue Reading
By
- Sharon Shea, Executive Editor
Feature 20 Dec 2024
Identity and access management tools and features for 2025

The IAM tool marketplace is complex and ever-changing. Learn about key features and how to discern what your organization needs before approaching potential providers. Continue Reading
By
- Ed Moyle, SecurityCurve
Guest Post 19 Dec 2024
Add gamification learning to your pen testing training playbook

Organizations that embrace gamification in their pen testing training are better positioned to build and maintain the skilled security teams needed to address evolving threats. Continue Reading
By
- Ed Skoudis, SANS Technology Institute
Tip 17 Dec 2024
The pros and cons of biometric authentication

Biometric authentication can be a solid supplement to passwords when securing data and systems. But understanding potential drawbacks, and planning to minimize them, is essential. Continue Reading
By
- Char Sample, ICF International
Tip 12 Dec 2024
9 identity and access management trends to watch in 2025

Identity threats continue to change and so, too, do the defenses developed to address those security challenges. Be ready for what's coming next in IAM. Continue Reading
By
- Phil Sweeney, Industry Editor
Tip 12 Dec 2024
7 must-know IAM standards in 2025

Does your IAM program need OAuth or OpenID Connect? Or maybe both? Let's look at the various standards and protocols that make identity management function. Continue Reading
By
- Sean Michael Kerner
Opinion 11 Dec 2024
3 cybersecurity predictions for 2025

Will service as software, agentic cybersecurity and automated remediation reach their potential in 2025? Read up on what analyst Tyler Shields has to say. Continue Reading
By
- Tyler Shields
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Definition 05 Dec 2024
What are Common Criteria (CC) for Information Technology Security Evaluation?

Common Criteria (CC) is an international standard (ISO/IEC 15408) for evaluating information technology security products. Continue Reading
By
- Katie Terrell Hanna
Tip 02 Dec 2024
8 best practices for a bulletproof IAM strategy

IAM systems help to enable secure access to applications and resources. But to benefit from IAM -- and avoid a security failure -- teams must be ready to meet the challenges. Continue Reading
By
- Sean Michael Kerner
Tip 20 Nov 2024
4 types of access control

Access management is the gatekeeper, making sure a device or person can gain entry only to the systems or applications to which they have been granted permission. Continue Reading
By
- Amy Larsen DeCarlo, GlobalData
Tip 20 Nov 2024
User provisioning and deprovisioning: Why it matters for IAM

Overprivileged and orphaned user identities pose risks. Cybersecurity teams should be sure user profiles grant only appropriate access -- and only for as long as necessary. Continue Reading
By
- Dave Shackleford, Voodoo Security
Tip 18 Nov 2024
What CISOs need to know to build an OT cybersecurity program

More companies are tasking CISOs with operational technology security. But this oversight means a new strategy for those unfamiliar with building an effective OT security program. Continue Reading
By
- Amy Larsen DeCarlo, GlobalData
- Sharon Shea, Executive Editor
Podcast 14 Nov 2024
CEO: GenAI changes multi-cloud security, network equation

Aviatrix CEO Doug Merritt sees generative AI apps forcing a more distributed approach to cloud infrastructure, but he believes it will also help SecOps catch up with threats. Continue Reading
By
- Beth Pariseau, Senior News Writer
Tip 12 Nov 2024
SIEM vs. SOAR vs. XDR: Evaluate the key differences

SIEM, SOAR and XDR each possess distinct capabilities and drawbacks. Learn the differences among the three, how they can work together and which your company needs. Continue Reading
By
- Paul Kirvan
Podcast 12 Nov 2024
Lines blur between enterprise SecOps and cyberdefense

One expert predicts AI will ultimately benefit attackers more than defenders and, instead, urges businesses to take a page out of military and government cyberdefense handbooks. Continue Reading
By
- Beth Pariseau, Senior News Writer
Tip 12 Nov 2024
EDR vs. XDR vs. MDR: Key differences and benefits

One of the most important goals of cybersecurity professionals is to quickly identify potential or in-progress cyberattacks. These three approaches can help. Continue Reading
By
- Paul Kirvan
Tip 07 Nov 2024
How to create an enterprise cloud security budget

As companies migrate more sensitive data and resources into the cloud, it's important to deploy relevant security tools and processes, while staying within budget. Continue Reading
By
- Dave Shackleford, Voodoo Security
News 06 Nov 2024
CISA on 2024 election security: 'Good news' for democracy

CISA Director Jen Easterly says that despite disruptions including bomb threats in multiple states, Election Day 2024 was a success story from a security standpoint. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 04 Nov 2024
CISA: U.S. election disinformation peddled at massive scale

CISA said the U.S. cybersecurity agency has seen small-scale election incidents 'resulting in no significant impacts to election infrastructure,' such as low-level DDoS attacks. Continue Reading
By
- Alexander Culafi, Senior News Writer
Podcast 01 Nov 2024
Could SBOMs save lives? SecOps in critical infrastructure

'We live in glass houses,' said a seasoned cybersecurity expert of the U.S. water supply, healthcare and other lifeline services. 'And people are about to start throwing rocks.' Continue Reading
By
- Beth Pariseau, Senior News Writer
Definition 01 Nov 2024
What is unified threat management (UTM)?

Unified threat management (UTM) is an information security system that provides a single point of protection against cyberthreats, including viruses, worms, spyware and other malware, as well as network attacks. Continue Reading
By
- Paul Kirvan
- Linda Rosencrance
Tip 01 Nov 2024
API security testing checklist: 7 key steps

APIs are a common attack vector for malicious actors. Use our API security testing checklist and best practices to protect your organization and its data. Continue Reading
By
- Dave Shackleford, Voodoo Security
- Michael Cobb
Feature 29 Oct 2024
How to configure and customize Kali Linux settings

Learning how to use Kali Linux for ethical hacking and penetration testing? Read step by step how to configure and customize the distribution. Continue Reading
By
- Kyle Johnson, Technology Editor
- Packt Publishing
News 28 Oct 2024
Delta sues CrowdStrike over IT outage fallout

Delta said it suffered $500 million in damages. CrowdStrike said the airline company's claims 'demonstrate a lack of understanding of how modern cybersecurity works.' Continue Reading
By
- Alexander Culafi, Senior News Writer
Feature 28 Oct 2024
Types of cybersecurity controls and how to place them

A unilateral cybersecurity approach is ineffective in today's threat landscape. Learn why organizations should implement security controls based on the significance of each asset. Continue Reading
By
- Isabella Harford, TechTarget
- Packt Publishing
Definition 28 Oct 2024
What is authentication, authorization and accounting (AAA)?

Authentication, authorization and accounting (AAA) is a security framework for controlling and tracking user access within a computer network. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
Podcast 25 Oct 2024
Relearning past lessons in assessing cloud risk

Those who do not learn from history are doomed to repeat it -- even when that history is only about a decade or two old, according to one security analyst in this podcast episode. Continue Reading
By
- Beth Pariseau, Senior News Writer
Feature 16 Oct 2024
How to build an incident response plan, with examples, template

With cyberthreats and security incidents growing by the day, every organization needs a solid incident response plan. Learn how to create one for your company. Continue Reading
By
- Paul Kirvan
Feature 16 Oct 2024
How to define cyber-risk appetite as a security leader

In this excerpt from 'The CISO Evolution: Business Knowledge for Cybersecurity Executives,' learn how to define and communicate an enterprise's true cyber-risk appetite. Continue Reading
By
- Alissa Irei, Senior Site Editor
- Wiley Publishing
Podcast 11 Oct 2024
SecOps from the IT infrastructure operations perspective

The CrowdStrike outage capped a decade of deepening divide between SecOps and the rest of IT ops -- and should bring about its end, according to one industry veteran. Continue Reading
By
- Beth Pariseau, Senior News Writer
Definition 10 Oct 2024
What is threat intelligence?

Threat intelligence, also known as cyberthreat intelligence, is information gathered from a range of sources about current or potential attacks against an organization. Continue Reading
By
Definition 10 Oct 2024
What is extended detection and response (XDR)?

Extended detection and response (XDR) is a technology-driven cybersecurity process designed to help organizations detect and remediate security threats across their entire IT environment. Continue Reading
By
- Paul Kirvan
- Sean Michael Kerner
Podcast 08 Oct 2024
Risk & Repeat: Is Microsoft security back on track?

Microsoft has made significant changes to its cybersecurity practices and policies under the Secure Future Initiative. Are they enough to right the ship? Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 07 Oct 2024
How to use security as code to achieve DevSecOps

Security as code helps organizations achieve DevSecOps and shift-left security. Learn about SaC's benefits, challenges and implementation best practices. Continue Reading
By
- Paul Kirvan
News 03 Oct 2024
Microsoft SFI progress report elicits cautious optimism

Infosec experts say the Secure Future Initiative progress report shows Microsoft has made important changes to its policies, practices and accountability structures. Continue Reading
By
- Alexander Culafi, Senior News Writer
Podcast 03 Oct 2024
Microsoft security overhaul offers blueprint for SecOps

Better late than never: Microsoft lags major cloud competitors in making security a top priority. But other enterprises might learn from how the company is catching up. Continue Reading
By
- Beth Pariseau, Senior News Writer
News 01 Oct 2024
T-Mobile reaches $31.5M breach settlement with FCC

After suffering several breaches, T-Mobile agreed to pay a $15.75 million civil penalty and make a $15.75 million investment to bolster its security over the next two years. Continue Reading
By
- Alexander Culafi, Senior News Writer
Podcast 30 Sep 2024
Risk & Repeat: Inside the Microsoft SFI progress report

The first Secure Future Initiative progress report highlighted improvements to Microsoft's security posture. But the company still faces major SecOps challenges. Continue Reading
By
- Rob Wright, Senior News Director