Security operations and management

Cybersecurity operations and management are vital to protect enterprises against cyber threats. Learn how to create and manage infosec programs and SOCs, perform incident response and automate security processes. Also read up on security laws and regulations, best practices for CISOs and more.

Top Stories

Conference Coverage 16 May 2025
RSAC Conference 2025

Follow SearchSecurity's RSAC 2025 guide for insightful pre-conference insights and reports on notable presentations and breaking news at the world's biggest infosec event. Continue Reading
By
- Sharon Shea, Executive Editor
Feature 01 May 2025
RSAC 2025: The time for crypto-agility adoption is now

An RSAC 2025 speaker explained why companies should begin their quantum-safe journey now and how crypto-agility adoption helps prepare for post-quantum cryptography. Continue Reading
By
- Kyle Johnson, Technology Editor

News 18 Apr 2024
CrowdStrike extends cloud security to Mission Cloud customers

CrowdStrike Falcon Cloud Security and Falcon Complete Cloud Detection and Response (CDR) will be made available through the Mission Cloud One AWS MSP platform. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 16 Apr 2024
OT security vendor Nozomi Networks lands Air Force contract

Nozomi Networks CEO Edgard Capdevielle said the $1.25 million contract will be a guarantee that 'our products will continue to meet the requirements of the Air Force.' Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 10 Apr 2024
Benefits and challenges of NetOps-SecOps collaboration

Organizations need to tread carefully when planning how to converge their networking and security teams to achieve potential benefits and mitigate the challenges. Continue Reading
By
- John Burke, Nemertes Research
Feature 04 Apr 2024
The ultimate guide to mobile device security in the workplace

Mobile devices provide connectivity for employees to access business data and communicate with colleagues, but these unique benefits come with specific security challenges for IT. Continue Reading
By
- John Powers, Senior Site Editor
News 03 Apr 2024
Sophos: Ransomware present in 70% of IR investigations

Sophos' Active Adversary Report said securing remote desktop protocols and Active Directories and hardening credentials can help limit the influx of successful ransomware attacks. Continue Reading
By
- Arielle Waldman, News Writer
News 03 Apr 2024
Cyber Safety Review Board slams Microsoft security failures

The Department of Homeland Security's Cyber Safety Review Board said a 'cascade' of errors at Microsoft allowed nation-state hackers to access U.S. government emails last year. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 02 Apr 2024
Microsoft Copilot for Security brings GenAI to SOC teams

Microsoft's latest AI-powered tool, now generally available, has been beneficial for security teams regarding efficiency, but infosec experts see some room for improvements. Continue Reading
By
- Arielle Waldman, News Writer
Tip 02 Apr 2024
Cloud computing forensics techniques for evidence acquisition

With the proper tools and methodologies, security teams can provide analysts with the critical pieces required to complete cloud computing forensics investigations. Continue Reading
By
- Dave Shackleford, Voodoo Security
Tip 29 Mar 2024
5 tips for building a cybersecurity culture at your company

As a company's cyber-risks evolve, so must its culture. Here are five tips for creating a cybersecurity culture that protects the business and is meaningful for employees. Continue Reading
By
- Jerald Murphy, Nemertes Research
Opinion 28 Mar 2024
5 areas to help secure your cyber-risk management program

To meet the challenges of managing cyber-risk, organizations need to have a cyber-risk management plan in place. Look at five areas to better secure your organization's assets. Continue Reading
By
- David Vance
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Feature 28 Mar 2024
11 core elements of a successful data protection strategy

Your organization's data protection strategy might not include all 11 core elements and associated activities, but the important thing is to have a comprehensive strategy in place. Continue Reading
By
- Paul Kirvan
Tutorial 27 Mar 2024
Use sudo insults to add spice to incorrect password attempts

The life of an admin doesn't have to be dry. When a user enters a wrong password, for example, why not respond with a message that says, 'You're fired!' With sudo insults, you can. Continue Reading
By
- Damon Garn, Cogspinner Coaction
Tip 25 Mar 2024
Agent vs. agentless security: Learn the differences

Enterprises can either use an agent or agentless approach to monitor and secure their networks. Each approach has benefits and drawbacks. Continue Reading
By
- Michael Cobb
Tip 22 Mar 2024
Data protection impact assessment template and tips

Conducting a data protection impact assessment is key to evaluating potential risk factors that could pose a serious threat to individuals and their personal information. Continue Reading
By
- Paul Kirvan
Tutorial 22 Mar 2024
Fuzzy about fuzz testing? This fuzzing tutorial will help

Organizations are searching for ways to automate and improve their application security processes. Fuzz testing is one way to fill in some of the gaps. Continue Reading
By
- Ed Moyle, SecurityCurve
News 20 Mar 2024
CISA urges defensive actions against Volt Typhoon threats

The U.S. cybersecurity agency advised critical infrastructure leaders to adopt several best practices and defensive measures to protect against Chinese state-sponsored attacks. Continue Reading
By
- Alexander Culafi, Senior News Writer
Opinion 19 Mar 2024
Surprising ways Microsoft Copilot for Security helps infosec

Microsoft Copilot is the first of many GenAI tools that should help security leaders accelerate their program development and strengthen security postures. Continue Reading
By
- Dave Gruber, Principal Analyst
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Tip 14 Mar 2024
How to craft a generative AI security policy that works

The advent of generative AI threatens to poke additional holes in your cybersecurity strategy. Compiling a GenAI-based security policy to guide your responses can help. Continue Reading
By
- Paul Kirvan
Feature 06 Mar 2024
Cybersecurity market researchers forecast significant growth

The cybersecurity market is growing and changing at a rapid pace, leading to major opportunities for vendors, heightened confusion for buyers and new challenges for CISOs. Continue Reading
By
- Alissa Irei, Senior Site Editor
News 05 Mar 2024
Inside an Alphv/BlackCat ransomware attack

Sygnia researchers investigated an intrusion in a client's network and discovered an Alphv/BlackCat ransomware actor had been lurking in the environment for weeks. Continue Reading
By
- Rob Wright, Senior News Director
News 29 Feb 2024
AWS on why CISOs should track 'the metric of no'

AWS' Clarke Rodgers believes that tracking the number of times CISOs say no to line-of-business requests will ultimately help them build a stronger security culture. Continue Reading
By
- Rob Wright, Senior News Director
Tutorial 26 Feb 2024
How to use a jump server to link security zones

Jump servers are a perfect example of less is more. By using these slimmed-down boxes, administrators can connect to multiple resources securely. Continue Reading
By
- Damon Garn, Cogspinner Coaction
Definition 22 Feb 2024
What is cybersecurity?

Cybersecurity is the practice of protecting internet-connected systems such as hardware, software and data from cyberthreats. Continue Reading
By
- Sharon Shea, Executive Editor
- Alexander S. Gillis, Technical Writer and Editor
Definition 20 Feb 2024
Advanced Encryption Standard (AES)

The Advanced Encryption Standard (AES) is a symmetric block cipher chosen by the U.S. government to protect classified information. Continue Reading
By
Tip 15 Feb 2024
How to craft cyber-risk statements that work, with examples

A cyber-risk statement should be clear, concise and simple -- but that doesn't mean it's easy to write. Get tips and read our cyber-risk statement examples. Continue Reading
By
- Jerald Murphy, Nemertes Research
Tip 14 Feb 2024
What is cybersecurity mesh and how can it help you?

The concept of cybersecurity mesh could help solve and simplify issues created by multi-cloud deployments and the increase in remote work environments. Continue Reading
By
- Ed Moyle, SecurityCurve
News 13 Feb 2024
Iranian cyberattacks targeting U.S. and Israeli entities

Google said Tuesday that state-backed Iranian actors targeted the U.S. and Israel consistently in the years prior to the start of the Israel-Hamas war as well as the months after. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 12 Feb 2024
Benefits and challenges of managed cloud security services

The rapid drive to hybrid and multi-cloud environments has organizations scrambling to get proper protections into place. For many, external security support is critical. Continue Reading
By
- Amy Larsen DeCarlo, GlobalData
Tip 12 Feb 2024
Top metaverse cybersecurity challenges: How to address them

As the metaverse takes shape, companies must consider a slew of new cybersecurity challenges and how to deal with them. Continue Reading
By
- Ashwin Krishnan, StandOutin90Sec
Feature 09 Feb 2024
A who's who of cybercrime investigators

Cybercrime investigations are more than just first response. Learn about the patchwork of organizations that work together to combat international cybercrime. Continue Reading
By
- Ben Lutkevich, Site Editor
Tip 09 Feb 2024
Understand the pros and cons of enterprise password managers

Almost half of breaches occur because of compromised credentials. Using a password manager to control how users create their IDs may be a good step to protect enterprise assets. Continue Reading
By
- Amy Larsen DeCarlo, GlobalData
Feature 06 Feb 2024
20 free cybersecurity tools you should know about

Cybersecurity products can get pricy but there are many excellent open source tools to help secure your systems and data. Here's a list of some of the most popular with cyber pros. Continue Reading
By
- Andy Patrizio
Definition 05 Feb 2024
SOAR (security orchestration, automation and response)

SOAR (security orchestration, automation and response) is a stack of compatible software programs that enables an organization to collect data about security threats and respond to security events with little or no human assistance. Continue Reading
By
- Sharon Shea, Executive Editor
Guest Post 02 Feb 2024
GenAI development should follow secure-by-design principles

Every company wants a piece of the GenAI pie, but rushing to develop a product without incorporating secure-by-design principles could harm their business and customers. Continue Reading
By
- Ed Skoudis, SANS Technology Institute
News 02 Feb 2024
Cloudflare discloses breach related to stolen Okta data

Cloudflare initially believed it contained an attempted cyberattack last October by a threat actor using an access token stolen in a breach of Okta's customer support system. Continue Reading
By
- Rob Wright, Senior News Director
News 01 Feb 2024
CISA deputy director touts progress, anti-ransomware efforts

In this Q&A, CISA Deputy Director Nitin Natarajan shares his thoughts on scaling up to meet high demand, the agency's new initiative to address ransomware and more. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 01 Feb 2024
10 cybersecurity best practices and tips for businesses

Looking to improve your business's cybersecurity program? Study these 10 cybersecurity best practices and tips. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
Tip 30 Jan 2024
Secure your machine learning models with these MLSecOps tips

By following MLSecOps best practices, companies can introduce AI and machine learning into development pipelines and processes without adding unmitigated security concerns, too. Continue Reading
By
- Nihad Hassan
Definition 30 Jan 2024
What is incident response? A complete guide

Incident response is an organized, strategic approach to detecting and managing cyberattacks in ways that minimize damage, recovery time and total costs. Continue Reading
By
- Alissa Irei, Senior Site Editor
- Sharon Shea, Executive Editor
Definition 29 Jan 2024
indicators of compromise (IOC)

Indicators of compromise are unusual activities on a system or network that imply the presence of a malicious actor. Continue Reading
By
- Robert Sheldon
- Madelyn Bacon, TechTarget
Feature 29 Jan 2024
Top 10 types of information security threats for IT teams

Know thine enemy -- and the common security threats that can bring an unprepared organization to its knees. Learn what these threats are and how to prevent them. Continue Reading
By
- TechTarget Contributor
Tip 29 Jan 2024
Cybersecurity skills gap: Why it exists and how to address it

The cybersecurity skills shortage is putting enterprises at risk. Worse, it shows no sign of abating. Here is why it's happening and what employers can do to mitigate the problem. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
Feature 25 Jan 2024
Top benefits and challenges of SOAR tools

To ensure successful adoption, IT leaders need to understand the benefits of SOAR tools, as well as potential disadvantages. Explore pros, cons and how to measure SOAR success. Continue Reading
By
- Andrew Froehlich, West Gate Networks
- Jessica Groopman, Kaleido Insights
Tip 24 Jan 2024
The 9 best incident response metrics and how to use them

To solve a problem, one first has to know it exists. In incident response, that means knowing how long it takes to respond to and remediate threats, using these key metrics. Continue Reading
By
- John Burke, Nemertes Research
Tip 23 Jan 2024
Building an incident response framework for your enterprise

Understanding incident response framework standards and how to build the best framework for your organization is essential to prevent threats and mitigate cyber incidents. Continue Reading
By
- David Geer, Geer Communications
- Peter Sullivan
Feature 23 Jan 2024
Top incident response service providers, vendors and software

Get help deciding between using in-house incident response software or outsourcing to an incident response service provider, and review a list of leading vendor options. Continue Reading
By
- Paul Kirvan
Tip 22 Jan 2024
Business continuity vs. disaster recovery vs. incident response

To stay in business, expect the unexpected. Learn how business continuity, disaster recovery and incident response differ -- and why organizations need plans for all three. Continue Reading
By
- Ashwin Krishnan, StandOutin90Sec
- Alissa Irei, Senior Site Editor
Tip 22 Jan 2024
Incident response automation: What it is and how it works

Many of today's security operations teams are understaffed and overwhelmed. Learn how incident response automation can help them work smarter, instead of harder. Continue Reading
By
- Alissa Irei, Senior Site Editor
- Andrew Froehlich, West Gate Networks
Tip 17 Jan 2024
How to conduct incident response tabletop exercises

Have an incident response plan but aren't running incident response tabletop exercises? These simulations are key to knowing if your plan will work during an actual security event. Continue Reading
By
- Paul Kirvan
Feature 17 Jan 2024
CISOs on alert following SEC charges against SolarWinds

The Securities and Exchange Commission announced charges against SolarWinds and its CISO in October, but will it help improve transparency or simply scare infosec executives? Continue Reading
By
- Arielle Waldman, News Writer
Tip 17 Jan 2024
CERT vs. CSIRT vs. SOC: What's the difference?

What's in a name? Parse the true differences between a CERT, a CSIRT, a CIRT and a SOC, before you decide what's best for your organization. Continue Reading
By
- Ed Moyle, SecurityCurve
Definition 17 Jan 2024
OODA loop

The OODA loop -- Observe, Orient, Decide, Act -- is a four-step approach to decision-making that focuses on filtering available information, putting it in context and quickly making the most appropriate decision, while also understanding that changes can be made as more data becomes available. Continue Reading
By
- Cameron Hashemi-Pour, Former Site Editor
- Sarah Lewis
Feature 17 Jan 2024
How to create a CSIRT: 10 best practices

The time to organize and train a CSIRT is long before a security incident occurs. Certain steps should be followed to create an effective, cross-functional team. Continue Reading
By
- Ed Moyle, SecurityCurve
Tip 17 Jan 2024
Top 6 SOAR use cases to implement in enterprise SOCs

Automating basic SOC workflows with SOAR can improve an organization's security posture. Explore six SOAR use cases to streamline SOC processes and augment human analysts. Continue Reading
By
- Andrew Froehlich, West Gate Networks
- Jessica Groopman, Kaleido Insights
Tip 16 Jan 2024
13 incident response best practices for your organization

An incident response program ensures security events are addressed quickly and effectively as soon as they occur. These best practices can help get your organization on track fast. Continue Reading
By
- Charles Kolodgy, Security Mindsets
Tip 12 Jan 2024
Incident response: How to implement a communication plan

Communication is critical to an effective incident response plan. Here are five best practices for communication planning and a free, editable template to get started. Continue Reading
By
- Mike Chapple, University of Notre Dame
Feature 12 Jan 2024
10 types of security incidents and how to prevent them

Cyberattacks are more varied and numerous than ever. Learn the key signs of common security incidents and how to respond to keep systems and data safe. Continue Reading
By
- TechTarget Contributor
- Alissa Irei, Senior Site Editor
Tip 11 Jan 2024
Cloud incident response: Frameworks and best practices

Cloud incident response, like it sounds, involves responding to incidents in the cloud. But there are nuances to be aware of and unique best practices to follow. Continue Reading
By
- Dave Shackleford, Voodoo Security
Definition 10 Jan 2024
vulnerability management

Vulnerability management is the process of identifying, assessing, remediating and mitigating security vulnerabilities in software and computer systems. Continue Reading
By
- Sean Michael Kerner
Feature 09 Jan 2024
How to fix the top 5 cybersecurity vulnerabilities

Check out how to fix five top cybersecurity vulnerabilities to prevent data loss from poor endpoint security, ineffective network monitoring, weak authentication and other issues. Continue Reading
By
- Dave Shackleford, Voodoo Security
Feature 09 Jan 2024
Top 30 incident response interview questions

Job interviews are nerve-wracking, but preparation can minimize jitters and position you to land the role. Get started with these incident response interview questions and answers. Continue Reading
By
- Ed Moyle, SecurityCurve
Definition 08 Jan 2024
NIST Cybersecurity Framework

The NIST Cybersecurity Framework (CSF) provides guidance on how to manage and reduce IT infrastructure security risk. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
Feature 03 Jan 2024
Why effective cybersecurity is important for businesses

Cyber attacks can have serious financial and business consequences for companies, which makes implementing strong cybersecurity protections a critical step. Continue Reading
By
- Mary K. Pratt
Definition 21 Dec 2023
Zoombombing

Zoombombing is a type of cyber-harassment in which an unwanted and uninvited user or group of such users interrupts online meetings on the Zoom video conference app. Continue Reading
By
- Corinne Bernstein
Definition 21 Dec 2023
What is the CIA triad (confidentiality, integrity and availability)?

The CIA triad refers to confidentiality, integrity and availability, describing a model designed to guide policies for information security within an organization. Continue Reading
By
- Cameron Hashemi-Pour, Former Site Editor
- Wesley Chai
Definition 18 Dec 2023
holistic (holistic technology)

Holistic technology is an approach to IT management that considers the infrastructure as a whole instead of as a collection of individual systems. Continue Reading
By
- Gavin Wright
- Emily McLaughlin, Coravin
Tip 15 Dec 2023
How CISOs can manage multiprovider cybersecurity portfolios

In today's cybersecurity market, the as-a-service model reigns. That means, as they increasingly rely on outsourcing, CISOs must learn to juggle multiple third-party providers. Continue Reading
By
- Jerald Murphy, Nemertes Research
Feature 14 Dec 2023
9 cybersecurity trends to watch in 2024

Analysts are sharing their cybersecurity trends and predictions for 2024. From zero-day attacks to generative AI security and increased regulations, is your organization ready? Continue Reading
By
- Kyle Johnson, Technology Editor
Tip 13 Dec 2023
12 key cybersecurity metrics and KPIs for businesses to track

IT security managers need to monitor cybersecurity efforts and make sure they're effective. These 12 metrics and KPIs will help show what's working -- and what isn't. Continue Reading
By
- Andrew Froehlich, West Gate Networks
Tip 01 Dec 2023
7 key OT security best practices

Keeping operational technology secure requires vigilance and effort, especially as OT increasingly converges with IT. These cybersecurity best practices can help. Continue Reading
By
- Jerald Murphy, Nemertes Research
Definition 21 Nov 2023
CISO as a service (vCISO, virtual CISO, fractional CISO)

A CISO as a service (CISOaaS) is the outsourcing of CISO (chief information security officer) and information security leadership responsibilities to a third-party provider. Continue Reading
By
- Ben Lutkevich, Site Editor
Feature 21 Nov 2023
Cybersecurity budgets lose momentum in uncertain economy

Organizations' increasing prioritization of cybersecurity has protected most programs from major budget cuts. Even so, many CISOs are feeling the pinch. Continue Reading
By
- Alissa Irei, Senior Site Editor
Opinion 20 Nov 2023
Security continues to lag behind cloud app dev cycles

Enterprise Strategy Group research revealed security gaps in cloud-native software development -- issues that should be addressed as soon as possible. Continue Reading
By
- Jon Oltsik, Analyst Emeritus
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Tip 17 Nov 2023
SBOM formats compared: CycloneDX vs. SPDX vs. SWID Tags

Organizations can choose between three SBOM formats: CycloneDX, SPDX and SWID Tags. Learn more about them to determine which fits your organization best. Continue Reading
By
- Ravi Das, ML Tech Inc.
Opinion 17 Nov 2023
Security highlights from KubeCon + CloudNativeCon 2023

KubeCon + CloudNativeCon provided valuable insights for security teams supporting cloud-native development, including securing GenAI, platform engineering and supply chains. Continue Reading
By
- Melinda Marks, Practice Director
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Tip 16 Nov 2023
8 ways to cope with cybersecurity budget cuts

In times of economic uncertainty, cybersecurity budget cuts can make the security team's job even more challenging. Here are eight ways to minimize risk with minimal resources. Continue Reading
By
- Jerald Murphy, Nemertes Research
Definition 16 Nov 2023
What is cyber hygiene and why is it important?

Cyber hygiene, or cybersecurity hygiene, is a set of practices individuals and organizations perform regularly to maintain the health and security of users, devices, networks and data. Continue Reading
By
- Alissa Irei, Senior Site Editor
News 09 Nov 2023
SolarWinds fires back at SEC over fraud charges

SolarWinds said the SEC's lawsuit contains several 'false claims,' including allegations about how Russian nation-state hackers first got inside the company's network Continue Reading
By
- Rob Wright, Senior News Director
Definition 07 Nov 2023
dark web monitoring

Dark web monitoring is the process of searching for and continuously tracking information on the dark web. Continue Reading
By
- Ben Lutkevich, Site Editor
Definition 03 Nov 2023
cybersecurity asset management (CSAM)

Cybersecurity asset management (CSAM) is the process created to continuously discover, inventory, monitor, manage and track an organization's assets to determine what those assets do and identify and automatically remediate any gaps in its cybersecurity protections. Continue Reading
By
- Andrew Froehlich, West Gate Networks
Podcast 01 Nov 2023
Risk & Repeat: Breaking down SEC charges against SolarWinds

This episode covers the SEC charges against SolarWinds and CISO Timothy Brown for allegedly hiding known cybersecurity risks prior to the 2020 supply chain attack it suffered. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 27 Oct 2023
How to create a cybersecurity awareness training program

Cybersecurity awareness training often misses the mark, leaving employees undereducated and organizations vulnerable to attack. Here's how to succeed where too many fail. Continue Reading
By
- Alissa Irei, Senior Site Editor
- Mike Chapple, University of Notre Dame
News 24 Oct 2023
JPMorgan Chase CISO explains why he's an 'AI optimist'

Pat Opet, CISO at JPMorgan Chase & Co., discussed how the financial services giant invests in cybersecurity and where generative AI could provide game-changing benefits. Continue Reading
By
- Rob Wright, Senior News Director
Definition 19 Oct 2023
Structured Threat Information eXpression (STIX)

Structured Threat Information eXpression (STIX) is a standardized Extensible Markup Language (XML) programming language for conveying data about cybersecurity threats in a way that can be easily understood by both humans and security technologies. Continue Reading
By
- Rahul Awati
- Madelyn Bacon, TechTarget
Tip 18 Oct 2023
Cybersecurity vs. cyber resilience: What's the difference?

Companies need cybersecurity and cyber-resilience strategies to protect against attacks and mitigate damage in the aftermath of a successful data breach. Continue Reading
By
- Paul Kirvan
Tip 17 Oct 2023
How to conduct a cyber-resilience assessment

It's a good cyber-hygiene practice to periodically review your organization's cybersecurity plans and procedures. Use this checklist to guide your cyber-resilience assessment. Continue Reading
By
- Paul Kirvan
Tip 16 Oct 2023
Build a strong cyber-resilience strategy with existing tools

Existing security protocols and processes can be combined to build a cyber-resilience framework, but understanding how these components relate to each other is key. Continue Reading
By
- Paul Kirvan
Definition 12 Oct 2023
security awareness training

Security awareness training is a strategic approach IT and security professionals take to educate employees and stakeholders on the importance of cybersecurity and data privacy. Continue Reading
By
- Kinza Yasar, Technical Writer
- Mary K. Pratt
Tip 11 Oct 2023
Top 6 password hygiene tips and best practices

Passwords enable users to access important accounts and data, making them attractive targets to attackers, too. Follow these password hygiene tips to keep your organization safe. Continue Reading
By
- Diana Kelley, SecurityCurve
Feature 10 Oct 2023
Security posture management a huge challenge for IT pros

Enterprise Strategy Group's John Oltsik explains why executing security hygiene and posture management at scale remains an uphill battle for organizations, despite automation. Continue Reading
By
- Linda Tucci, Industry Editor -- CIO/IT Strategy
Tip 10 Oct 2023
Security log management and logging best practices

Learn how to conduct security log management that provides visibility into IT infrastructure activities and traffic, improves troubleshooting and prevents service disruptions. Continue Reading
By
- Michael Cobb
Definition 03 Oct 2023
security posture

Security posture refers to an organization's overall cybersecurity strength and how well it can predict, prevent and respond to ever-changing cyberthreats. Continue Reading
By
- Cameron Hashemi-Pour, Former Site Editor
- Linda Rosencrance
Feature 29 Sep 2023
Secure service edge strengths drive SASE deployments

Enterprise Strategy Group's John Grady discusses the latest findings in his newly released report and why businesses won’t start a SASE initiative without first implementing SSE. Continue Reading
By
- Ron Karjian, Industry Editor
Tip 28 Sep 2023
How to develop a cybersecurity strategy: Step-by-step guide

A cybersecurity strategy isn't meant to be perfect, but it must be proactive, effective, actively supported and evolving. Here are the four steps required to get there. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
Definition 26 Sep 2023
principle of least privilege (POLP)

The principle of least privilege (POLP) is a concept in computer security that limits users' access rights to only what is strictly required to do their jobs. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
Opinion 25 Sep 2023
6 reasons Cisco acquired Splunk

A treasure trove of Cisco and Splunk data, AI and analytics can improve cyber-resilience, accelerate threat detection and response, and enable more intelligent networks. Continue Reading
By
- Jon Oltsik, Analyst Emeritus
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Tutorial 22 Sep 2023
How to disable removable media access with Group Policy

Removable media can pose serious security problems. But there is a way to control who has access to optical disks and USB drives through Windows' Active Directory. Continue Reading
By
- Damon Garn, Cogspinner Coaction
Opinion 22 Sep 2023
Google and Mandiant flex cybersecurity muscle at mWISE

End-to-end cybersecurity coverage and generative AI could accentuate Google and Mandiant's combined cybersecurity opportunities -- with the right execution. Continue Reading
By
- Jon Oltsik, Analyst Emeritus
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Opinion 18 Sep 2023
What to consider when creating a SaaS security strategy

Securing SaaS applications is more important and confusing than ever. Consider visibility, UX and workflow when creating a SaaS security strategy and adopting tools. Continue Reading
By
- John Grady, Principal Analyst
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Tip 14 Sep 2023
How CIOs can build cybersecurity teamwork across leadership

Cross-departmental relationships are key to long-term business success. Discover why CIOs must focus on teamwork with these three C-suite roles for highly effective cybersecurity. Continue Reading
By
- Kevin Beaver, Principle Logic, LLC