Category: Cyber Defense Magazine

As Paris prepares to host the 2024 Summer Olympic Games, athletes from around the world converge to represent their country. But beyond the cheers and medals lies a digital underworld…. The post Guarding the Games: Cybersecurity and the 2024 Summer…

Read more →

The rapid proliferation of AI technologies is bringing about significant advancements, but it has also introduced a wide range of security challenges. Large language models (LLMs) and computer vision models,… The post Fortifying the Future: AI Security Is The Cornerstone…

Read more →

by Victoria Hargrove, Reporter, CDM In today’s society, digital threats are happening at a consistent and concerning rate. Traditional authentication methods no longer stand a chance against preventing these threats…. The post Biometrics in the Cyber World appeared first on…

Read more →

Malware sandboxes offer a safe and controlled environment to analyze potentially harmful software and URLs. However, not all sandboxes incorporate features that are essential for proper analysis. Let’s look at… The post 5 Essential Features of an Effective Malware Sandbox…

Read more →

by Gary S. Miliefsky, CISSP, fmDHS I came up with this model to simplify cybersecurity, resiliency and regulatory compliance for executives who are not cybersecurity experts.  The PANCCD™ model (People,… The post The PANCCD™ Model: Strengthening Cyber Resiliency and Compliance…

Read more →

With security breaches becoming more frequent, banks need to act swiftly to protect their users. The rapid advancement of technology, including real-time payments and AI, adds complexity to the tasks… The post Embracing Proactive Fraud Management with Real-Time Orchestration appeared…

Read more →

by Gary S. Miliefsky, CISSP, fmDHS I came up with this model to simplify cybersecurity, resiliency and regulatory compliance for executives who are not cybersecurity experts.  The PANCCD™ model (People,… The post The PANCCD™ Model: Strengthening Cyber Resiliency and Compliance…

Read more →

by Gary S. Miliefsky, CISSP, fmDHS I came up with this model to simplify cybersecurity, resiliency and regulatory compliance for executives who are not cybersecurity experts.  The PANCCD™ model (People,… The post The PANCCD™ Model: Strengthening Cyber Resiliency and Compliance…

Read more →

by Gary S. Miliefsky, CISSP, fmDHS I came up with this model to simplify cybersecurity, resiliency and regulatory compliance for executives who are not cybersecurity experts.  The PANCCD™ model (People,… The post The PANCCD™ Model: Strengthening Cyber Resiliency and Compliance…

Read more →

by Gary S. Miliefsky, CISSP, fmDHS I came up with this model to simplify cybersecurity, resiliency and regulatory compliance for executives who are not cybersecurity experts.  The PANCCD™ model (People,… The post The PANCCD™ Model: Strengthening Cyber Resiliency and Compliance…

Read more →

by Gary S. Miliefsky, CISSP, fmDHS I came up with this model to simplify cybersecurity, resiliency and regulatory compliance for executives who are not cybersecurity experts.  The PANCCD™ model (People,… The post The PANCCD™ Model: Strengthening Cyber Resiliency and Compliance…

Read more →

by Gary S. Miliefsky, CISSP, fmDHS I came up with this model to simplify cybersecurity, resiliency and regulatory compliance for executives who are not cybersecurity experts.  The PANCCD™ model (People,… The post The PANCCD™ Model: Strengthening Cyber Resiliency and Compliance…

Read more →

by Gary S. Miliefsky, CISSP, fmDHS I came up with this model to simplify cybersecurity, resiliency and regulatory compliance for executives who are not cybersecurity experts.  The PANCCD™ model (People,… The post The PANCCD™ Model: Strengthening Cyber Resiliency and Compliance…

Read more →

by Gary S. Miliefsky, CISSP, fmDHS I came up with this model to simplify cybersecurity, resiliency and regulatory compliance for executives who are not cybersecurity experts.  The PANCCD™ model (People,… The post The PANCCD™ Model: Strengthening Cyber Resiliency and Compliance…

Read more →

by Gary S. Miliefsky, CISSP, fmDHS I came up with this model to simplify cybersecurity, resiliency and regulatory compliance for executives who are not cybersecurity experts.  The PANCCD™ model (People,… The post The PANCCD™ Model: Strengthening Cyber Resiliency and Compliance…

Read more →

by Gary S. Miliefsky, CISSP, fmDHS I came up with this model to simplify cybersecurity, resiliency and regulatory compliance for executives who are not cybersecurity experts.  The PANCCD™ model (People,… The post The PANCCD™ Model: Strengthening Cyber Resiliency and Compliance…

Read more →

by Gary S. Miliefsky, CISSP, fmDHS I came up with this model to simplify cybersecurity, resiliency and regulatory compliance for executives who are not cybersecurity experts.  The PANCCD™ model (People,… The post The PANCCD™ Model: Strengthening Cyber Resiliency and Compliance…

Read more →

by Gary S. Miliefsky, CISSP, fmDHS I came up with this model to simplify cybersecurity, resiliency and regulatory compliance for executives who are not cybersecurity experts.  The PANCCD™ model (People,… The post The PANCCD™ Model: Strengthening Cyber Resiliency and Compliance…

Read more →

by Gary S. Miliefsky, CISSP, fmDHS I came up with this model to simplify cybersecurity, resiliency and regulatory compliance for executives who are not cybersecurity experts.  The PANCCD™ model (People,… The post The PANCCD™ Model: Strengthening Cyber Resiliency and Compliance…

Read more →

by Gary S. Miliefsky, CISSP, fmDHS I came up with this model to simplify cybersecurity, resiliency and regulatory compliance for executives who are not cybersecurity experts.  The PANCCD™ model (People,… The post The PANCCD™ Model: Strengthening Cyber Resiliency and Compliance…

Read more →

by Gary S. Miliefsky, CISSP, fmDHS I came up with this model to simplify cybersecurity, resiliency and regulatory compliance for executives who are not cybersecurity experts.  The PANCCD™ model (People,… The post The PANCCD™ Model: Strengthening Cyber Resiliency and Compliance…

Read more →

by Gary S. Miliefsky, CISSP, fmDHS I came up with this model to simplify cybersecurity, resiliency and regulatory compliance for executives who are not cybersecurity experts.  The PANCCD™ model (People,… The post The PANCCD™ Model: Strengthening Cyber Resiliency and Compliance…

Read more →

by Gary S. Miliefsky, CISSP, fmDHS I came up with this model to simplify cybersecurity, resiliency and regulatory compliance for executives who are not cybersecurity experts.  The PANCCD™ model (People,… The post The PANCCD™ Model: Strengthening Cyber Resiliency and Compliance…

Read more →

Protecting against the growing spectrum of cyber threats, including ransomware, botnets, and data theft, is fundamental for ensuring strong cybersecurity measures. DNS can be used within such a defense strategy… The post DNS Security Strategies: Protecting Against Ransomware, Botnets, And…

Read more →

Data breaches have accelerated quickly in 2024. Google ‘data breach’ and you’re in for a whirlwind of high-profile names scattered across headlines of thousands, and sometimes millions, of customer and… The post Data Breaches are a Dime a Dozen: It’s…

Read more →

Cybersecurity tools and technologies are continuously being developed and refined to keep pace with the growing threat landscape. One tool we’re all familiar with is the Security Information and Event… The post Uncovering the Gaps in Cyberthreat Detection & the…

Read more →

Cost savings and business benefits were quantified in “The Total Economic Impact of Cynet All-in-One Security,” a commissioned study conducted by Forrester Consulting on behalf of Cynet in October 2024…. The post How to maximize cybersecurity ROI appeared first on…

Read more →

Identity is the new perimeter. Attackers are no longer hacking into your organization—they’re logging in with compromised credentials. Push Security is countering this shift with a browser-based identity security platform… The post Innovator Spotlight: Push Security appeared first on Cyber…

Read more →

In today’s digital age, the importance of cybersecurity must be re-balanced. With increasing cyberattacks and data breaches, organizations must prioritize protecting their customers’ sensitive information. Unfortunately, AT&T has recently fallen… The post The AT&T Phone Records Stolen appeared first on…

Read more →

State and local government and education organizations (also known as SLED) were always at risk from cyberattacks, but the rise of generative AI has increased those risks significantly. Attackers are far more… The post Cyber Risks for Government Agencies Are on the…

Read more →

Executive summary Many companies face various risks across their supply chain, which are increasing, especially cyber threats. Studies indicate that nearly all companies have at least one supplier that has… The post Cyber Threat Intelligence (CTI) for Supply Chain Monitoring…

Read more →

As a CEO working alongside cybersecurity product companies, I know that integration & the connectors are necessary evil for cyber security products companies. For companies in our industry, seamless, reliable… The post Overcoming Cybersecurity Integration Roadblocks appeared first on Cyber…

Read more →

Dashlane is the leading enterprise credential manager that secures access and proactively protects against breaches. In an era where painfully simple password spraying and phishing attacks are still the primary… The post Spotlight on Dashlane appeared first on Cyber Defense…

Read more →

Onyxia’s Cybersecurity Management Platform delivers predictive insights and data intelligence that allow CISOs to gain a complete view of their cybersecurity program performance, achieve organizational compliance, increase security stack efficiency,… The post Spotlight on Onyxia appeared first on Cyber Defense…

Read more →

In early June, the Ticketmaster breach brought widespread attention to the fact that Snowflake accounts did not require multi-factor authentication (MFA) and some were compromised as a result. If only… The post Why Did Snowflake Have a Target on It?…

Read more →

In the wake of a recent breach that compromised sensitive information, a healthcare organization sought my guidance on how to significantly enhance their security posture. Drawing from my experience as… The post Building Resilience: A Post-Breach Security Strategy for Any…

Read more →

by Dan K. Anderson CEO, CISO, and vCISO The cybersecurity landscape is rapidly evolving, and so are the tactics of adversaries. According to IBM, the average cost of a data… The post Innovator Spotlight: Cloud Range appeared first on Cyber…

Read more →

It’s often assumed that if the board knew exactly what they wanted to hear from the CISO, they would simply communicate it. Unfortunately, that’s not always the case. This leaves… The post How a CISO Should Brief the Board of…

Read more →

In recent years, video analytics has significantly transformed the interpretation and utilization of visual data. Through advanced algorithms and artificial intelligence methods, video analytics can perform tasks such as object… The post How Has Video Analytics Enhanced Security and Efficiency?…

Read more →

In the modern era of technological advancement, artificial intelligence (AI) is revolutionizing business operations, presenting unparalleled opportunities for efficiency and innovation. However, as AI systems become integral to our business… The post The Imperative of Penetration Testing AI Systems appeared…

Read more →

by Dan K. Anderson CEO, CISO, and vCISO With the rise of software supply chain attacks, organizations are under increasing pressure to secure their software development pipelines. According to a… The post Innovator Spotlight: Legit Security appeared first on Cyber…

Read more →

Do you know where all the secrets are? The probable answer to this might be NO and believe me you are not alone. The advancement of technology has overtaken us…. The post Safeguarding Corporate Secrets: Best Practices and Advanced Solutions…

Read more →

Cybersecurity compliance is undergoing a massive shift, with regulatory frameworks rapidly introducing more complex rules, stricter enforcement, and tougher penalties for non-compliance. We see this exemplified through the vast reach… The post The 3 Questions at the Core of Every…

Read more →

E-commerce is poised to account for over 20% of global purchases by 2024. This surge is fueled by a confluence of factors: the expansion of online product offerings, consumer pursuit of discounts,… The post Securing E-commerce appeared first on Cyber Defense Magazine.…

Read more →

E-commerce is poised to account for over 20% of global purchases by 2024. This surge is fueled by a confluence of factors: the expansion of online product offerings, consumer pursuit of discounts,… The post Securing E-commerce appeared first on Cyber Defense Magazine.…

Read more →

In the constantly evolving realm of cybersecurity, it is critical for incident responders to be prepared and effective. As cyber threats grow more complex, the training approaches for these defenders… The post Team-Based Training and the Power of Simulation appeared…

Read more →

In the current cybersecurity landscape, the focus has shifted from merely managing vulnerabilities to strategically orchestrating defenses against targeted threats. Organizations are increasingly struggling to optimize their security posture amidst… The post Innovator Spotlight: Interpres Security appeared first on Cyber…

Read more →

Data security is more critical than ever as organizations manage vast amounts of sensitive information across cloud and on-premises environments. According to a 2023 report by Varonis, over 53% of… The post Innovator Spotlight: Concentric appeared first on Cyber Defense…

Read more →

Keepnet specializes in addressing human factors of security through innovative security awareness training and phishing simulation tools. This article highlights the significant findings of their 2024 Vishing (Voice Phishing) Response… The post Innovator Spotlight: Keepnet Labs appeared first on Cyber…

Read more →

We’ve got a hard truth to share with you, and you might not like it: You are not your software vendor’s top priority. Your vendor is focused on their own… The post The Ugly Truth about Your Software Vendor which…

Read more →

Zero-Trust Endpoint Security: How a Preventive Approach Can Limit Your Endpoint Attack Surface Endpoint security has become more critical than ever in today’s rapidly evolving threat landscape. As enterprises become… The post Zero-Trust Endpoint Security appeared first on Cyber Defense…

Read more →

The ongoing prevalence (and rise) of software supply chain attacks is enough to keep any software developer or security analyst up at night. The recent XZ backdoor attack is finally… The post The Unsolvable Problem: XZ and Modern Infrastructure appeared…

Read more →

I was thrilled to catch up with Proofpoint top executives, recently, to discuss Proofpoint’s AI-powered solution and critical issues including data leakage and insider risks. In an era where digital… The post Publishers Spotlight: Proofpoint appeared first on Cyber Defense…

Read more →

Artificial intelligence (AI) has many applications in cybersecurity. Automated fraud detection is one of the most impactful of these use cases. Fraud can be difficult for humans to spot, but… The post AI-Powered Fraud Detection Systems for Enhanced Cybersecurity appeared…

Read more →

The modern Security Operations Center (SOC) has morphed and matured since its infancy in the early 1990s. The primary responsibility of monitoring for any indication of intrusion or compromise has… The post Strategies for Building an Effective, Resilient Security Operations…

Read more →

In today’s rapidly evolving digital landscape, organizations are increasingly reliant on complex networks of identities to power their operations. From human users to non-human accounts, such as service accounts, APIs,… The post The Identity Security Mirage: Unveiling the Hidden Risks…

Read more →

More than 70 percent of enterprises have prioritized SaaS security by establishing dedicated teams to secure SaaS applications, a trend identified for the first time in the fourth Annual SaaS Security… The post 70% of Enterprises Established SaaS Security Teams, Cloud…

Read more →

Security testing plays a critical role in ensuring that applications are protected against vulnerabilities and attacks. In times when cyber attacks like data breaches and ransomware are rising, security testing… The post Transforming Security Testing With AI: Benefits and Challenges…

Read more →

On July 1st, 2024, the cybersecurity community was rocked by the discovery of a critical Remote Code Execution (RCE) vulnerability in OpenSSH, aptly named regreSSHion. This revelation triggered a frenzy… The post RegreSSHion, Critical RCE Vulnerabilities, and When Should You…

Read more →

Federal agencies face a pivotal cybersecurity challenge: prevent unauthorized entities from accessing systems and facilities, while granting authorized federal employees and contractors access commensurate with verified need. Two factors complicate… The post NextGen Identity Management appeared first on Cyber Defense…

Read more →

Integrated Governance, Risk, and Compliance Is Critical Business executives in all sectors place a high premium on security in the quickly changing digital landscape of today. Security is no longer… The post Strengthening Security appeared first on Cyber Defense Magazine.…

Read more →

In today’s rapidly evolving digital landscape, fear, uncertainty, and doubt have become the dominant emotions for many organizations grappling with cybersecurity. The constant reports of data breaches, ransomware attacks, and… The post Innovator Spotlight: Cyberseconomics appeared first on Cyber Defense…

Read more →

Artificial Intelligence (AI) is transforming multiple sectors, driving innovation and enhancing productivity and cybersecurity. The AI market is projected to rise from an estimated $86.9 billion in revenue in 2022… The post How AI-Driven Cybersecurity Offers Both Promise and Peril…

Read more →

In today’s digital landscape, data security and privacy have become top priorities for organizations of all sizes. According to a 2023 report by IBM, the average cost of a data… The post Innovator Spotlight: Zendata appeared first on Cyber Defense…

Read more →

Discussions of insider risk inevitably conjure images of disgruntled IT employees stealing sensitive data from the comfort of an air-conditioned office. However, insider risk is significantly more complex, and any… The post Worried about Insider Risk? Pay More Attention to…

Read more →

1) The Reality of Cybersecurity Threats and Response As technology develops and digitalization progresses, cybersecurity threats are becoming increasingly diverse and sophisticated. As a result, responding to these cybersecurity threats… The post The Role of Intelligence in Cyber Threat Response…

Read more →

It’s not enough for companies to just discover and monitor sensitive data. They need tools that can proactively fix any security issues to prevent data loss and meet compliance standards…. The post Innovator Spotlight: Concentric AI appeared first on Cyber…

Read more →

One of the recurring questions we hear from network security leaders is “why aren’t our security policies optimized?” The answer, however, is far from simple. The truth is that a… The post How Automation Can Help Security Policy Optimization appeared…

Read more →

It is a tale almost as old as time: users click download, install, and accept as they adopt new software applications without considering the security implications, or getting approval from… The post Unmasking Shadow Apps to Secure Your SaaS Stack…

Read more →

Achieving cybersecurity compliance is often seen as a regulatory necessity, primary to avoid hefty fines and legal repercussions. However, the true value of compliance extends far beyond financial penalties. It… The post Beyond Fines: The Real Value of Achieving Cybersecurity…

Read more →

There’s an unnerving secret many of us in cybersecurity have noticed. And if you think your company is “too small” to be worried about a potential attack, think again. As… The post It’s Time to Sound the Alarm on SMB…

Read more →

The healthcare sector has become a prime target for cyberattacks, with the frequency and sophistication of these attacks increasing rapidly over the last several months. More than 124 million records were compromised… The post Escalating Cyberattacks in the Healthcare Sector appeared first…

Read more →

It’s been more than six months since the SEC’s updated Cybersecurity Disclosure rules came into force. These rules represent a sea change for CISOs; both in terms of the burden… The post SEC Cybersecurity Disclosure Rules – Are CISOs Ready…

Read more →

“In a quaint village nestled between rolling hills and dense forests, a young apprentice named Eli was learning to throw pottery from a master potter. On the first day by… The post The First 10 Days of a vCISO’S Journey…

Read more →

LIAPP (Lockin App Protector) is an integrated mobile app security service developed by Lockin Company, a Korean-based security company dedicated to mobile apps protection, that protects over 2,000 apps worldwide…. The post Lockin Company’s Approach to Zero Trust Security and…

Read more →

As businesses enter the third quarter of 2024, they need to contend with three new state privacy laws. The Texas Data Privacy and Security Act, Oregon Consumer Privacy Act, and… The post The Next Iteration of Privacy: What Businesses Should…

Read more →

On July 3rd the period for public comment closed for the U.S. Cybersecurity and Infrastructure Security Agency’s proposed Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) reporting rules… The post What CIRCIA Means for Critical Infrastructure Providers and…

Read more →

Infrastructure like water system, supply system, telecommunication networks, and power plants are critical assets for any country in that the destruction and incapacity of such systems poses an adverse effect… The post Cybersecurity In Critical Infrastructure: Protecting Power Grids and…

Read more →

As technology advances, cyber threats are becoming more complex and harder to combat. According to Cobalt’s State of Pentesting Report, this past year, the number of security vulnerabilities increased by 21%,… The post From Burnout to Balance: How AI Supports Cybersecurity…

Read more →

Ready or not, quantum computing technology is rapidly advancing, and its new capabilities will be available sooner than most think. Quantum technology has the potential to transform applications like materials… The post Getting Out in Front of Post-Quantum Threats with…

Read more →

by Dan K. Anderson CEO, CISO, and vCISO As organizations grow, managing access to critical systems and ensuring compliance with identity governance and administration (IGA) standards becomes increasingly complex. A… The post Innovator Spotlight: Zilla Security appeared first on Cyber…

Read more →

Cyber threats are becoming more sophisticated, putting both individuals and businesses at significant risk. The rise in phishing attacks, identity theft, and online fraud highlights the urgent need for accessible… The post Innovator Spotlight: Guardio appeared first on Cyber Defense…

Read more →

As buzz and excitement continues to build around the upcoming 2024 Summer Olympics, it is important to be aware of the potential cyberthreats that often target such large global events. The… The post Top Tips and Risks Ahead of the 2024…

Read more →

Unmonitored infrastructure is a major source of initial compromises for enterprises.  The Critical Start MDR solution counters this with endpoint coverage gap monitoring, log ingestion failure alerts, and hidden asset… The post The MDR That Sees It All appeared first…

Read more →

The importance of internet safety has never been more pronounced than in today’s digital age, where the boundaries between our personal and professional lives are increasingly blurred. However, with this… The post Fortifying The Digital Frontier: Everyday Habits That Shape…

Read more →

Implementing Cyber-HDR for SMBs: Enhancing Protection and Reducing Risk In today’s digital landscape, small and medium-sized businesses (SMBs) face increasing threats from cyber espionage and cybercrime. With 46% of SMBs… The post How SMBs Can Implement Cyber-HDR for Increased Protection…

Read more →

DeepKeep, the leading provider of AI-Native Trust, Risk, and Security Management (TRiSM), empowers large corporations that rely on AI, GenAI, and LLM technologies to manage risk and protect growth. Our… The post Spotlight on DeepKeep.ai appeared first on Cyber Defense…

Read more →

The AI-Driven Solution Transforming Cybersecurity Infrastructure by Gary Miliefsky Publisher and Dan K. Anderson vCISO and Writer Reach Security is revolutionizing cybersecurity by introducing the first AI specifically designed to… The post Publisher’s Spotlight: Reach Security appeared first on Cyber…

Read more →

The volume of code needed is greater than ever while cycles to produce said code are shrinking. One of the consequences of this is security has become secondary – both… The post Innovator Spotlight: Qwiet appeared first on Cyber Defense…

Read more →

In today’s fast-evolving digital landscape, cyber attackers are becoming increasingly creative, targeting the human element as a primary entry point. Research shows that human error accounts for up to 90%… The post Innovator Spotlight: ZINAD appeared first on Cyber Defense…

Read more →

In April 2023, the Cybersecurity and Infrastructure Security Agency (CISA) unveiled the Secure by Design initiative, setting a new standard for security across the industry. The initiative urges vendors to create… The post One Year Later: CISA’s Secure by Design Initiative…

Read more →

by Pete Green, vCISO, Cybersecurity Consultant and Reporter for CDM Gartner has stated the challenge facing most organizations today: “Boards are now pushing back for improved understanding of what they… The post Innovator Spotlight: HyperCube appeared first on Cyber Defense…

Read more →

I was thrilled to catch up with HackerOne during Black Hat USA 2024. The modern threat landscape presents increasingly complex cybersecurity challenges for modern organizations. Emerging technologies, like generative AI,… The post Publishers Spotlight: HackerOne appeared first on Cyber Defense…

Read more →

AI washing, or making inflated or misleading claims about AI capabilities, is nothing new. In some ways it is to be expected when a new disruptive technology hits the limelight…. The post The Great Ai Swindle appeared first on Cyber…

Read more →

Often, technology develops faster than we can handle. This is especially true for the federal government and its partners — organizations that must adhere to strict security standards in the… The post Modernizing and Applying FedRAMP Security Standards to Accelerate…

Read more →

As technology advances, cyber threats are becoming more complex and harder to combat. According to Cobalt’s State of Pentesting Report, this past year, the number of security vulnerabilities increased by 21%,… The post From Burnout to Balance: How AI Supports Cybersecurity…

Read more →