Corporate culture can have a big impact on an organization's ability to achieve cybersecurity objectives, says Jessica Barker, chair of ClubCISO, a private members forum for European information security leaders, who provides insights on gauging an organization's security maturity.
API attacks are on the rise, and Gartner predicts that APIs will be the top threat vector by 2022. Roey Eliyahu, CEO of Salt Security, discusses the trend and how to build a more effective API security strategy.
A bipartisan group of lawmakers has introduced a bill that calls for investing $100 billion in research on science and emerging technologies, including cybersecurity, quantum computing and artificial intelligence.
In the current work-at-home environment, keeping the workforce educated about critical cybersecurity practices requires "short, sharp bursts of education" that offer compelling messages, says Vicki Gavin, a former CISO who now serves as a cyber education consultant.
For over 2000 years, governments, armies, businesses and lovers have been encrypting messages. For the same amount of time, the keys used to perform the encryption have been the weakest link in the chain. After 2000 years, technology has advanced such that the keys can be protected but many companies don't understand...
An attacker's first-move advantage clearly comes down to their rapid innovations, meaning security teams always have to operate reactively. Like forest fires, cyber-attacks are devastating and unpredictable; and like firemen, defenders can only race to the scene. But by the time they arrive, the damage is usually...
Security and risk experts from Forrester and Neustar advise on what you need to know about today's cyberthreats, including website vulnerabilities, APIs, third-party party scripts, nefarious bots and DDoS attacks.
APIs ubiquitous in the enterprise today, being exposed to customers, partners and applications. But because they are relied on so heavily, they also are targeted by cybercriminals.
There are more attacks over APIs than on traditional web channels primarily because it's simply easier to attack these...
Access and analyze suspicious or malicious content without exposing your resources or your identity.
Reinforce your Open Source Intelligence (OSINT) skills with a combination of real-world research tips and techniques:
Leverage cross-functional open and dark web research techniques outlined by our military, law...
Cyber Threat Intelligence (CTI) isn't the exclusive domain of specialized organizations anymore. Yet many CTI practitioners - the analysts, researchers and threathunters who collect and manage Open Source Intelligence (OSINT) gleaned from the open, deep and Dark Web - report a lack of training, tools and internal...
Digital transformation is driving utilization of third parties, which can introduce significant risk to your organization. In fact, over 60% of breaches today are linked to a third-party. With this stat in mind, it's no wonder that a multitude of potential third-party cyber risk management (TPCRM) solutions have been...
A quarter of financial institutions experienced at least one spear-phishing or business email compromise attack in 2019 where user credentials were compromised and/or fraud was committed. These attacks also often resulted in intellectual property and physical damage.
Yet, nearly half of institutions surveyed state...
As COVID-19 spread in the spring of 2020, organizations around the world have scrambled to enable a remote workforce, acting in "firefighting" mode and laser-focused on business continuity. But as the new normal settles in, digital transformation is rising as a critical - if altered - priority, and security teams need...
As COVID-19 spread in the spring of 2020, organizations around the world have scrambled to enable a remote workforce, acting in "firefighting" mode and laser-focused on business continuity. But as the new normal settles in, digital transformation is rising as a critical - if altered - priority, and security teams need...
Organizations can no longer simply hire vendors without proof of a strong cyber posture, and a comprehensive questionnaire can demonstrate that vendors' internal security policies are up to par.
Yet not all questionnaires are the same. The benefits of automated questionnaires can vary, depending on the...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.
