Security operations and management

Cybersecurity operations and management are vital to protect enterprises against cyber threats. Learn how to create and manage infosec programs and SOCs, perform incident response and automate security processes. Also read up on security laws and regulations, best practices for CISOs and more.

Top Stories

Feature 30 May 2023
Vendors: Threat actor taxonomies are confusing but essential

Despite concern about the proliferation of naming taxonomies used to identify threat groups, vendors say they are crucial their understanding and visibility into threat activity. Continue Reading
Tip 25 May 2023
How to conduct a smart contract audit and why it's needed

Smart contracts ensure the integrity of transactions, such as those that initiate key services. A smart contract audit is one way to ensure the programs work as designed. Continue Reading

Opinion 29 Sep 2022

Multifactor authentication isn't perfect, passwordless is better

Passwords are frequently the root cause of breaches, and multifactor authentication only provides a stopgap for account protection. It's time to adopt a passwordless strategy. Continue Reading
Guest Post 29 Sep 2022

Solve ICS security issues with ICS and IT team convergence

It's predicted that threat actors will weaponize industrial control systems to harm or kill humans by 2025. Prepare by learning how to balance ICS and security convergence. Continue Reading
Guest Post 26 Sep 2022

Tips for developing cybersecurity leadership talent

Navigating the skills gap from an employer's perspective starts with investing in talent. Get advice on how to develop and hire emerging leaders from an industry analyst. Continue Reading
News 21 Sep 2022

Cobalt Strike gets emergency patch

The developer of Cobalt Strike issued an out-of-band security update to address a cross-site scripting vulnerability in the popular penetration testing suite. Continue Reading
Answer 20 Sep 2022

How DKIM records reduce email spoofing, phishing and spam

Learn how implementing DomainKeys Identified Mail helps protect against phishing, spam and email forgery by digitally signing outgoing messages. Continue Reading
Tip 20 Sep 2022

How to develop a cybersecurity strategy: Step-by-step guide

A cybersecurity strategy isn't meant to be perfect, but it must be proactive, effective, actively supported and evolving. Here are the four steps required to get there. Continue Reading
Tip 16 Sep 2022

Discover the benefits and challenges of bug bounty programs

Bug bounty programs have a number of benefits and challenges. Before adopting such a program at your organization, read up on the pros and cons to decide if it would be a good fit. Continue Reading
Guest Post 16 Sep 2022

How SOCs can identify the threat actors behind the threats

Learn how SOC teams can track threat actors by understanding the factors that influence an attack, such as the type of infrastructure used or commonly targeted victims. Continue Reading
Podcast 16 Sep 2022

Risk & Repeat: The White House wants secure software

This podcast episode discusses the implications of the Biden administration's new purchasing and usage guidelines for software utilized by U.S. federal agencies. Continue Reading
News 14 Sep 2022

Biden issues cybersecurity guidance for software vendors

The guidance is an extension of President Biden's cybersecurity executive order from 2021 and includes new requirements for software deployed in federal agencies. Continue Reading
Feature 12 Sep 2022

How to prepare for post-quantum computing security

One of the biggest fears about quantum computing is its ability to break encryption algorithms more easily. Learn why and how to start making quantum security preparations now. Continue Reading
Quiz 09 Sep 2022

Sample CompTIA CASP+ practice questions with answers

Preparing for the CompTIA Advanced Security Practitioner certification or refreshing your knowledge to renew your cert? Use these CASP+ practice questions to test your smarts. Continue Reading
Feature 09 Sep 2022

How to prepare for the CompTIA CASP+ exam

Are you pursuing the CompTIA Advanced Security Practitioner certification? The author of a CASP+ cert guide offers advice on how to prepare for the exam. Continue Reading
Feature 05 Sep 2022

What is the future of cybersecurity?

Cybersecurity is top of mind for businesses and their boards amid a relentless rise in cyber threats. What does the future of cybersecurity look like? Continue Reading
Tip 01 Sep 2022

Cybersecurity budget breakdown and best practices

Once budget is secured, CISOs must figure out where it should be allocated -- as well as how to justify the costs. Get the lowdown on a cybersecurity budget breakdown here. Continue Reading
Feature 30 Aug 2022

20 free cybersecurity tools you should know about

Cybersecurity products can get pricy but there are many excellent open source tools to help secure your systems and data. Here's a list of some of the most popular with cyber pros. Continue Reading
News 25 Aug 2022

Twitter whistleblower report holds security lessons

The whistleblower report from Twitter's former security lead should provide companies and boards with lessons on how not to handle internal security concerns. Continue Reading
Tip 24 Aug 2022

How to conduct a secure code review

Learn how to conduct a secure code review -- a critical step in the software development lifecycle -- to avoid releasing an app with bugs and security vulnerabilities. Continue Reading
Tip 18 Aug 2022

What is identity sprawl and how can it be managed?

With identity-based attacks on the rise, organizations need to prioritize identity management. Learn about identity sprawl, why it's a risk and how it can be managed. Continue Reading
Opinion 17 Aug 2022

Data security as a layer in defense in depth against ransomware

Having data security as part of a defense-in-depth strategy can reduce the likelihood of a successful ransomware attack. Continue Reading
News 16 Aug 2022

For cyber insurance, some technology leads to higher premiums

Though cyber insurance demand is exceeding supply and companies might receive less coverage with higher premiums, experts say there are ways enterprises can reduce risk. Continue Reading
Tip 16 Aug 2022

5 tips for building a cybersecurity culture at your company

As a company's cyber risks evolve, so must its culture. Here are five tips for creating a cybersecurity culture that protects the business and is meaningful for employees. Continue Reading
Tip 15 Aug 2022

Cybersecurity skills gap: Why it exists and how to address it

The cybersecurity skills shortage is putting enterprises at risk. Worse, it shows no sign of abating. Here is why it's happening and what employers can do to mitigate the problem. Continue Reading
News 11 Aug 2022

Sigstore co-creator talks GitHub, Kubernetes and next steps

Dan Lorenc reflects on a whirlwind year for his open source project, now officially incorporated into Kubernetes and GitHub's npm registry, and his plans for the year to come. Continue Reading
News 11 Aug 2022

How CI/CD pipelines are putting enterprise networks at risk

At Black Hat USA 2022, NCC Group researchers demonstrated how threat actors can compromise CI/CD pipelines and break out into enterprise networks and cloud environments. Continue Reading
Feature 11 Aug 2022

What is data security? The ultimate guide

Dig into the essentials of data security, from must-have tools, technologies and processes to best practices for keeping data safe. Continue Reading
News 10 Aug 2022

AWS, Splunk and more launch cybersecurity analytics standard

AWS and other IT vendors will start building connectors based on a new standard schema meant to streamline data sharing between cybersecurity tools. Continue Reading
Feature 10 Aug 2022

Is ethical hacking legal? And more ethical hacking advice

Is ethical hacking legal? Learn about the legality of ethical hacking, why it's important, its benefits and what organizations should look for when hiring an ethical hacker. Continue Reading
Feature 10 Aug 2022

Ethical hacking: How to conduct a Sticky Keys hack

Physical security is often overlooked by cybersecurity teams. Learn about physical cybersecurity attacks in step-by-step instruction on how to conduct a Windows Sticky Keys hack. Continue Reading
Tip 08 Aug 2022

10 top open source security testing tools

From Kali Linux to Mimikatz to Metasploit, learn about 10 open source penetration testing tools organizations can use to determine how secure their network is. Continue Reading
News 08 Aug 2022

VMware: The threat of lateral movement is growing

The majority of incident response professionals surveyed for VMware's 'Global Incident Response Threat Report' observed lateral movement in at least some attacks in the past year. Continue Reading
Feature 05 Aug 2022

Importance of enterprise endpoint security during a pandemic

Enterprises often focus greatly on communications security and less on endpoint security. Review the importance of enterprise endpoint security and best practices to implement it. Continue Reading
Feature 02 Aug 2022

The importance of data security in the enterprise

Three industry experts discuss the criticality of data security in the enterprise, including the significance of data breaches and compliance regulations. Continue Reading
Tip 01 Aug 2022

Top 10 UEBA enterprise use cases

The top user and entity behavior analytics use cases fall in cybersecurity, network and data center operations, management and business operations. Check out the risks. Continue Reading
Feature 29 Jul 2022

10 biggest data breaches in history, and how to prevent them

Did you know the biggest data breach in history exposed a whopping 3 billion records? Learn more about the largest data breaches and get advice on how to prevent similar attacks. Continue Reading
Tip 28 Jul 2022

How to perform a data risk assessment, step by step

Organizations need confidence that they are properly identifying and protecting sensitive data. Follow these five steps to create a data risk assessment. Continue Reading
Guest Post 26 Jul 2022

3 ways to help cybersecurity pros avoid burnout

Many security professionals are pushed to their breaking point. Discover three ways employers and managers can help their employees avoid burnout. Continue Reading
Tip 22 Jul 2022

Top 10 enterprise data security best practices

To protect your organization's data and prevent its misuse, incorporate these 10 data security best practices into your enterprise data security strategy. Continue Reading
Feature 21 Jul 2022

How to create a data security policy, with template

Are you looking to create or update your organization's data security policy? Learn about the key elements of a data security policy, and use our free template to get started. Continue Reading
News 21 Jul 2022

SynSaber: Only 41% of ICS vulnerabilities require attention

The industrial cybersecurity vendor analyzed 681 ICS vulnerabilities that were disclosed this year and found many had a low probability of exploitation. Continue Reading
Feature 20 Jul 2022

VMDR: Inside vulnerability management, detection and response

VMDR offers automated asset identification, threat prioritization and patch management. But do companies need another vulnerability management tool? Continue Reading
News 20 Jul 2022

Sophos launches cross-operational task force X-Ops

The Sophos X-Ops team aims to create an AI-assisted security operations center using the cybersecurity vendor's research and threat response teams. Continue Reading
Feature 19 Jul 2022

Cyber-war game case study: Preparing for a ransomware attack

In this real-world cyber-war game case study, an exercise on ransomware preparedness helped a company discover shortcomings in its incident response plan. Continue Reading
Tip 14 Jul 2022

SecOps vs. CloudSecOps: What does a CloudSecOps team do?

Now, more than ever, organizations need to build controls, monitor and enact security response activities for the cloud. This is where the CloudSecOps team comes into play. Continue Reading
Feature 08 Jul 2022

Clearing up cybersecurity architecture confusion, challenges

There's no lack of cybersecurity frameworks, but there is a lack of resources to help small and midsize organizations build a cybersecurity architecture -- until now. Continue Reading
Feature 08 Jul 2022

4 criteria to measure cybersecurity goal success

Measuring the success of cybersecurity goals is challenging because they are components of larger goals and often probabilistic rather than deterministic. Continue Reading
Tip 07 Jul 2022

How to create a critical infrastructure incident response plan

Does your organization have an incident response plan for disruptions to critical infrastructure? Learn how to write a successful plan for your company. Continue Reading
Feature 05 Jul 2022

How to define cyber-risk appetite as a security leader

In this excerpt from 'The CISO Evolution: Business Knowledge for Cybersecurity Executives,' learn how to define and communicate an enterprise's true cyber-risk appetite. Continue Reading
Feature 05 Jul 2022

A 'CISO evolution' means connecting business value to security

As cybersecurity has changed, so has the CISO role. 'The CISO Evolution: Business Knowledge for Cybersecurity Executives' aims to help security leaders succeed in the C-suite. Continue Reading
Tip 29 Jun 2022

How to conduct a cyber-resilience assessment

It's a good cyber hygiene practice to periodically review your organization's cybersecurity plans and procedures. Use this checklist to guide your cyber-resilience assessment. Continue Reading
Tip 28 Jun 2022

Do you meet all the modern authentication requirements?

Microsoft's push to a more secure method for user authentication and authorization could catch some enterprises flat-footed if IT hasn't done its homework. Continue Reading
Tip 28 Jun 2022

Negotiating a golden parachute clause in a CISO contract

If a CISO becomes the company scapegoat after a security incident, a strong golden parachute clause can mean the difference between a soft landing and a hard crash. Continue Reading
Feature 27 Jun 2022

How to determine out-of-scope bug bounty assets

What happens when a security researcher discovers a bug in an out-of-scope asset? Learn how to handle bug bounty scope in this excerpt from 'Corporate Cybersecurity.' Continue Reading
Feature 27 Jun 2022

An enterprise bug bounty program vs. VDP: Which is better?

Creating a bug bounty or vulnerability disclosure program? Learn which option might prove more useful, and get tips on getting a program off the ground. Continue Reading
Tutorial 27 Jun 2022

How to set up Exchange Online modern authentication

Microsoft plans to tighten up security on its hosted email platform to prevent attackers from gaining access to user credentials. Is your organization ready? Continue Reading
News 23 Jun 2022

Access management issues may create security holes

Employees who aren't credentialed to access corporate systems to do their jobs find ways around the red tape that could lead to security breaches. Continue Reading
News 22 Jun 2022

Ongoing PowerShell security threats prompt a call to action

Although PowerShell poses an ongoing risk to enterprise security as a post-exploitation tool, authorities strongly advise against disabling it completely. Continue Reading
News 22 Jun 2022

Proofpoint: Social engineering attacks slipping past users

Executives, administrators and network defenders overlook the severity of many of the most effective social engineering tools, Proofpoint cautions. Continue Reading
Guest Post 21 Jun 2022

How to address security risks in GPS-enabled devices

GPS-enabled devices not only pose personal risks but also pose risks to organizations. Learn about the security risks associated with tracking devices and how to address them. Continue Reading
News 21 Jun 2022

Forescout discloses 'OT:Icefall,' 56 flaws from 10 vendors

The OT:Icefall vulnerabilities come from 10 operational technology vendors that make hardware for critical infrastructure, including Emerson, Honeywell, Motorola and more. Continue Reading
News 20 Jun 2022

Healthcare breaches on the rise in 2022

According to U.S. government data, the number of healthcare breaches in the first five months of 2022 has nearly doubled from the same period last year. Continue Reading
Tip 14 Jun 2022

Creating a patch management policy: Step-by-step guide

A comprehensive IT patch management policy is insurance against network hardware and software prone to bugs and vulnerabilities that can disrupt critical business processes. Continue Reading
News 09 Jun 2022

CrowdStrike demonstrates dangers of container escape attacks

CrowdStrike gave a live demonstration at RSA Conference 2022 of how an attacker can use a recently discovered Kubernetes flaw to obtain full control over a container's host system. Continue Reading
News 08 Jun 2022

CISA director promotes collaboration and trust at RSAC 2022

Jen Easterly said there's growing momentum for stronger collaboration and communication between government agencies like CISA and private-sector cybersecurity companies. Continue Reading
News 07 Jun 2022

Cisco Talos: Destructive malware, supply chain attacks rising

At RSA Conference 2022, Cisco Talos discussed how adversaries have evolved and changed their tactics, leading to major shifts in the threat landscape. Continue Reading
News 07 Jun 2022

Microsoft flags common pitfalls for cyber insurance

Cyber insurance is getting more expensive and tougher to acquire. At RSA Conference 2022, Microsoft's Cynthia James discussed the common mistakes made when obtaining coverage. Continue Reading
Tip 07 Jun 2022

8 benefits of DevSecOps automation

DevSecOps automation can help organizations scale development while adding security, as well as uniformly adopt security features and reduce remedial tasks. Continue Reading
News 07 Jun 2022

Microsoft details zero-trust transition, challenges

Over the past three years, Microsoft has moved to a zero-trust framework. Security engineers outlined the transition and its challenges during a session at RSA Conference 2022. Continue Reading
News 07 Jun 2022

DNI Avril Haines: Cybersecurity is getting harder

During her RSA Conference 2022 keynote, the U.S. Director of National Intelligence discussed the increase in cyber threats, from nation-state attacks to commercial hacking tools. Continue Reading
News 02 Jun 2022

Conti ransomware group targeted Intel firmware tools

A pair of Intel firmware management platforms were targeted by the notorious Conti ransomware group to create new attack techniques, according to Eclypsium researchers. Continue Reading
Feature 01 Jun 2022

How ransomware kill chains help detect attacks

Reconstructing cyber attacks is a key step in incident response. Learn how ransomware kill chains can help security teams detect and mitigate the consequences of an attack. Continue Reading
Feature 01 Jun 2022

How to improve cyber attack detection using social media

Social media has cybersecurity pros and cons. One benefit is that it can help improve cyber attack detection. These four real-world examples show how. Continue Reading
News 01 Jun 2022

Hackers ransom 1,200 exposed Elasticsearch databases

An extensive extortion operation didn't need exploits or vulnerabilities to take over more than 1,200 Elasticsearch databases and demand bitcoin payments, according to Secureworks. Continue Reading
Feature 01 Jun 2022

How to design architecture for enterprise wireless security

Learn about a five-phase design methodology that will help your company plan for and create an enterprise wireless security architecture. Continue Reading
Tip 26 May 2022

Top 4 source code security best practices

Software supply chain attacks are on the rise. Follow these source code best practices to protect both in-house and third-party code. Continue Reading
News 24 May 2022

Developers targeted by poisoned Python library

A developer's expired domain led to a threat actor taking control of an open source library and poisoning it with malware that could steal private keys for AWS instances. Continue Reading
News 24 May 2022

MFA technology is rapidly evolving -- are mandates next?

The evolving landscapes of both the modern workplace and cyberthreats have paved the way for some organizations to require multifactor authentication protection. Will others join? Continue Reading
Tip 20 May 2022

How to counter insider threats in the software supply chain

Insider threats extend beyond employees within your company to include people working at partners and third parties. Learn about these insider threats in the software supply chain. Continue Reading
News 19 May 2022

QNAP devices hit by DeadBolt ransomware again

DeadBolt ransomware is once again targeting QNAP's NAS devices, and the vendor is urging customers to patch immediately. Continue Reading
Tip 19 May 2022

How to conduct a cyber-war gaming exercise

A successful cyber-war game can help organizations find weaknesses in their system but only if the right participants are involved and an after-action review is completed. Continue Reading
News 18 May 2022

CISA calls out security misconfigurations, common mistakes

Poor security practices and misconfigured controls are allowing threat actors to compromise enterprise networks. Continue Reading
News 17 May 2022

North Korean IT workers targeting US enterprises

North Korean nationals are looking to land jobs at U.S. and European companies to collect sensitive data that could help the reclusive government's military programs. Continue Reading
Guest Post 17 May 2022

5 steps to ensure a successful access management strategy

Access management is top of mind for organizations, especially in the hybrid workspace. Follow these five steps to create an access management strategy that benefits all users. Continue Reading
Tip 16 May 2022

How micropatching could help close the security update gap

Countless known but unpatched vulnerabilities pose significant, ongoing risk to the typical enterprise. Learn how micropatching could help close the security update gap. Continue Reading
Tip 12 May 2022

3 ways to apply security by design in the cloud

Applying security-by-design principles to the cloud may not seem straightforward, but there are several ways to do so. These three areas are a good place to start. Continue Reading
News 11 May 2022

Critical F5 vulnerability under exploitation in the wild

A remote code vulnerability in F5 BIG-IP network appliances is now being scanned for by threat actors, and some experts have observed exploitation in the wild. Continue Reading
News 11 May 2022

US, allies warn of nation-state attacks against MSPs

The joint advisory did not name any specific nation-states, though co-sponsor agencies expect threat actors to 'step up their targeting' of managed service providers (MSPs). Continue Reading
Tip 10 May 2022

Microsoft modern authentication deadline looms over Exchange

Support for basic authentication will end this year, giving administrators who haven't switched to a newer authentication method little time to prepare for a smooth transition. Continue Reading
Tip 09 May 2022

The top secure software development frameworks

Keeping security top of mind when developing software is paramount. Learn how to incorporate security into the SDLC with the top secure software development frameworks. Continue Reading
News 04 May 2022

Winnti threat group rides again with IP theft campaign

A Chinese cyberespionage campaign, dubbed 'Operation CuckooBees' by Cybereason, went unnoticed for years as spies siphoned off intellectual property from companies. Continue Reading
Feature 03 May 2022

Cyber-war gaming: A cybersecurity tabletop exercise

Based off military war games, cyber-war gaming examines a company's security posture. Learn how it works, the readiness needed, who should be involved and more. Continue Reading
Feature 02 May 2022

Do phishing simulations work? Sometimes

Phishing simulations are becoming increasingly popular to pinpoint which employees fall victim to scams, but their effectiveness and morality have been called into question. Continue Reading
Tip 29 Apr 2022

Is cloud critical infrastructure? Prep now for provider outages

The cloud has quickly become critical infrastructure to many organizations. Learn about the top cloud provider outages, and discover tips on preventing disruption during downtime. Continue Reading
Feature 28 Apr 2022

Case study: Why it's difficult to attribute nation-state attacks

If two attacks look similar, don't assume they're from the same attacker. It's difficult to attribute nation-state attacks, as evidenced by the notorious 2016 Odinaff malware. Continue Reading
Feature 28 Apr 2022

Tips for using a threat profile to prevent nation-state attacks

Is your organization concerned about state-sponsored attacks? Threat profiling can help prevent nation-state attacks. Get advice on how to create an effective threat profile. Continue Reading
Feature 27 Apr 2022

How to conduct Linux privilege escalations

Learn how to conduct Linux kernel exploitation with Metasploit and manually, as well as how to identify vulnerabilities on Linux using enumeration scripts. Continue Reading
Tip 27 Apr 2022

Best practices for creating an insider threat program

A thorough insider threat program includes plan preparation, threat assessment, and plan review and renewal. Learn how to implement this three-step model to protect your company. Continue Reading
Feature 22 Apr 2022

Unethical vulnerability disclosures 'a disgrace to our field'

The cybersecurity field needs more people who use their powers for good, the lead author of Gray Hat Hacking: The Ethical Hacker's Handbook, Sixth Edition says. Continue Reading
Tip 21 Apr 2022

7 best practices for Web3 security risk mitigation

Tech builders and businesses evaluating decentralized technologies should keep these seven Web3 security best practices in mind to help mitigate traditional and novel cyber threats. Continue Reading
Feature 21 Apr 2022

10 critical people skills today's CIOs and IT leaders need

Learn about 10 of the most important soft skills -- from communication to empathy -- and why they are critical to successful technology leadership. Continue Reading

1
2
3
4
5
6
7
8
9

Networking

Google interconnects with rival cloud providers
Video platform provider Pexip said Google's Cross-Cloud Interconnect reduced the cost of connecting Google Cloud with Microsoft ...
How to interact with network APIs using cURL, Postman tools
Network engineers can use cURL and Postman tools to work with network APIs. Use cases include getting interface information and ...
Modular network design benefits and approaches
Modular network design is a strategic way for enterprises to group network building blocks in order to streamline network ...

CIO

How to write an RFP for a software purchase, with template
Software buying teams should understand how to create an effective RFP. Here's a look at what components to include, along with a...
What are the 4 different types of blockchain technology?
Public, private, hybrid or consortium, each blockchain network has distinct pluses and minuses that largely drive its ideal uses ...
White House seeks public comment on national AI strategy
The White House wants to know about AI risks and benefits, as well as specific measures such as regulation that might help ...

Enterprise Desktop

What does the new Microsoft Intune Suite include?
With all the recent name changes with Microsoft's endpoint management products and add-ons, IT teams need to know what Intune ...
Does macOS need third-party antivirus in the enterprise?
Macs are known for their security, but that doesn't mean they're safe from viruses and other threats. IT teams can look into ...
Are devices that run only Microsoft Teams in our future?
Microsoft Teams has consistently grown and added new functionality, so what's next for this feature-rich platform? Maybe a ...

Cloud Computing

Cloud experts weigh in on the state of FinOps
Surprised by your cloud bill? Experts weigh in on the rising popularity of FinOps, the art of building a FinOps strategy and the ...
Dell Apex updates support enterprise 'cloud to ground' moves
Dell's latest Apex updates puts the company in a position to capitalize on the hybrid, multi-cloud and edge computing needs of ...
Prepare for the Azure Security Engineer Associate certification
Are you ready to boost your resume or further your cloud career path? Review this preparation guide to get ready for Exam AZ-500 ...

ComputerWeekly.com

Discovering the Diversity Process Flow in cyber
The UK Cyber Security Council's Simon Hepburn explains the Council's new Diversity Process Flow framework, and outlines its ...
NBN unveils uncapped data plan for remote Australia
Following a successful trial to examine delivery of an improved satellite service, including the capability to achieve faster ...
Qualcomm beefs up Snapdragon Space XR Developer Platform for immersive future
Mobile platform technology giant launches immersive technology designed to create a cross-device, extended and augmented reality ...

Close