One data breach can lead to another. Because so much of the data stolen in breaches ends up for sale on the dark web, a threat actor can purchase authentication credentials — the emails and passwords — of the organization’s employees without having to steal them directly. With that information in hand, threat actors have an open door into

The holiday season is upon us. After a difficult year, and facing an even more challenging year ahead, digital defense experts don’t have visions of sugar plums dancing in their heads. Instead, they dream of cybersecurity tools and other resources to help them cope with a wild threat landscape.  Here’s our ultimate holiday wish list. 

Words for health and the human body often make their way into the language we use to describe IT. Computers get viruses; companies manage their security hygiene; incident response teams train on their cyber fitness. Framing IT concepts in terms of health can also be useful when looking at security operations centers (SOCs) and jobs in cybersecurity. For man

Many business leaders struggle to efficiently respond to risk and compliance needs because of the complex regulatory landscape, ever-evolving risk scenarios and inconsistent internal processes. It’s only been more recently that organizations have embraced enterprise integrated risk management (IRM) tools to overcome a siloed approach of managing risk

Managed security service providers (MSSPs) can speed up detection and response capabilities in complex, distributed security environments. However, many traditional managed security providers simply act as alert factories that collect log data and spit out low-value alerts. These increase the workload on their clients’ security teams rather than offloa

For a growing number of organizations adopting cloud-based deployment models, the cloud security challenge is clear. For example, how do I rapidly transform my business in a way that is also secure and compliant? Business leaders have an opportunity to rethink securing their enterprise during the sea-change shift toward cloud models. For instance, leade

During a brainstorming discussion with a colleague on the value of entropy in machine learning models, specifically the models used in threat intelligence work, I mentioned that many of the threat intelligence models in use today seem to overemphasize the pattern recognition aspect of threat intelligence through the egregious use of algorithms. By contrast,

A quick web search for “chatbots and security” brings up results warning you about the security risks of using these virtual agents. Dig a little deeper, however, and you’ll find that this artificial intelligence (AI) technology could actually help address many work-from-home cybersecurity challenges — such as secure end-to-end encryption a

In a previous blog post, I covered some of the challenges encountered by security operations centers (SOCs) and how leveraging artificial intelligence (AI) can help alleviate these challenges, including the cybersecurity skills shortage, unaddressed security risks and long dwell times. According to ISACA’s State of Cybersecurity Report, 78 percent of r

The constantly changing threat landscape makes a robust security program a moving target. But defenders aren’t standing still — from advanced artificial intelligence (AI) to real-time threat detection and adaptive risk protection, cybersecurity services are evolving to offer IT teams the breadth of knowledge and depth of functionality they need to rall

Technologies like artificial intelligence (AI) and neural networks are driven by deep learning — machine learning algorithms that get “smarter” with more data. The deepfake, a severe cybersecurity threat, wouldn’t be possible without deep learning. Deepfakes aside, we need to be aware that several machine learning models, including state-of

In 2019, we saw a record number of information security breaches. According to the IBM X-Force Threat Intelligence Index 2020, a total of 8.5 billion records were compromised — three times the number from 2018. The healthcare industry saw its fair share of attacks and was the 10th-most targeted industry, accounting for 3 percent of all attacks last year. Th

Healthcare cybersecurity attacks are on the rise. As Protenus notes, industry data breaches increased by 48 percent between 2018 and 2019, with more than 41 million patient records compromised. Meanwhile, according to the 2019 HIMSS Cybersecurity Survey, 82 percent of hospitals said they suffered a “significant security incident” in the past 12 m

Practice doesn’t necessarily make perfect, but it can lead to improvement. Quality practice is key in matters of human security, and the right quantity of practice can also make a significant difference when it comes to shifting mindsets and behavior. “Scientists believe that expert-level performance is primarily the result of expert-level practi

The traditional threat landscape comprised of conventional IT assets is difficult enough to protect, detect and respond to, but the landscape seems to be quickly expanding beyond traditional IT. Those new domains are operational technology (OT), the internet of things (IoT) and the internet of medical things (IoMT). Devices from non-traditional IT environmen