Category: Cyber Defense Magazine

Introduction The cybersecurity landscape is constantly evolving, and organizations face increasing challenges in protecting their digital assets, often referred to as the “Crown Jewels.” In this context, the use of… The post Cyber Score, OSINT, and the Transformation of Horiens…

Read more →

The Cybersecurity Maturity Model Certification (CMMC) Program has been a headache for many defense contractors since the idea was first introduced in 2019. The program seeks to protect unclassified information,… The post Win or Lose: Using CMMC 2.0 Proposed Rule…

Read more →

Cybersecurity in the public and healthcare sectors is a growing concern as cyberattacks become increasingly sophisticated and frequent. However, many existing vulnerabilities can be easily addressed to deliver more robust… The post How The Right Application Server Can Protect Healthcare…

Read more →

The last 20 years have fundamentally redefined how consumers behave online. The emergence of sites such as YouTube, Meta, and X has reshaped how we share and consume media. Online… The post To Combat Cyberbullying and Online Fraud, We Must…

Read more →

In today’s digital age, where cyber threats loom large and data breaches are increasingly common, many organizations are turning to Virtual Chief Information Security Officers (vCISOs) to bolster their cybersecurity frameworks. These… The post How vCISOs Can Enhance an Organization’s Cybersecurity Posture…

Read more →

In the world of manufacturing, one security measure has stood out above all others: the “air gap.” This technique, which isolates technology from the outside world, once provided a reasonable… The post Bridging The Manufacturing Security “Air Gap” appeared first…

Read more →

Introduction The intersection of cutting-edge artificial intelligence technologies and the extensive exposure of personal data has opened a Pandora’s box of potential misuse, including hyper-targeted scams. Large language models (LLMs),… The post The GenAI Scam Revolution appeared first on Cyber…

Read more →

In today’s era, marked by rapid digital transformations and an increase in sophisticated cyber threats, the role of Chief Information Security Officers is more crucial than ever. CISOs face the… The post Navigating Advanced Threat Landscapes appeared first on Cyber…

Read more →

As the world’s Rail transportation industry becomes more sophisticated, embracing digital technologies to enhance efficiency, safety, and operational capabilities, it is also exposed to a myriad of cybersecurity threats. The… The post Why Cybersecurity Compliance in Rail Transportation Has Never…

Read more →

Although the 2024 Summer Olympics brought more than 15 million visitors to Paris and generated $11 billion in economic activity, the Games didn’t just convene excited fans and world-class athletes—it… The post Why Cybersecurity At The Olympics (And All Major…

Read more →

If the mission of cybersecurity is to protect the organization from losses to cybercriminals, we are in deep trouble. Over the past year there has been a dramatic increase in… The post Three Big Reasons Ransomware Payments Are Up More…

Read more →

As cybersecurity platforms have become more effective, cyber attackers have shifted their strategy. Rather than challenging defense applications to identify weaknesses, they are now increasingly focused on exploiting human behavior…. The post The Rise in Phishing Scams appeared first on…

Read more →

Remember the good old days of IT? Back when firewalls were like bouncers at a nightclub, and security was a sleepy corner in the IT department? Those days are about… The post The Relationship Between Network and Security: Why They’re…

Read more →

Artificial intelligence (AI) is making waves in many industries across the board. It found use in healthcare, manufacturing, retail, finance, and other sectors that deal with large volumes of data…. The post Revolutionizing Investigations: The Impact of AI in Digital…

Read more →

Dropbox, Microsoft, Okta – not only are these all major software companies, but each of them has fallen victim to a supply chain attack due to a compromised non-human identity…. The post The Frontier of Security: Safeguarding Non-Human Identities appeared…

Read more →

The rapid development of artificial intelligence (AI) is fueling an increase in cyber-attacks, threatening the data infrastructure of businesses and individuals. Approximately 85 percent of cybersecurity professionals attribute the increase… The post The Cybersecurity Checklist: Top Methods and Tools for…

Read more →

From the moment we’re born, we are surrounded by a mix of true and false information. In the past, distinguishing between them was relatively easy, but over time, it has… The post The Age of Unseen Truths And Deceptive Lies…

Read more →

The insider threat is any individual within community who does something against such surrounding even being used for sabotage, diversion, espionage and the other purposes, so far. On the other… The post Tagged Files as a Road to Insider Threats…

Read more →

With the rapid technological advancement and the world entering the AI era, the cyber threat landscape has significantly evolved in its complexity and sophistication. The frequency of data breaches has… The post The Power of Many: Crowdsourcing as A Game-Changer…

Read more →

In the fast-paced and dynamic world of law enforcement, effective communication is essential for ensuring public safety and successful operations. However, amidst the ever-evolving landscape of technology and threats, maintaining… The post Operational Security: The Backbone of Effective Police Communication…

Read more →

Cybersecurity has become a leading priority for manufacturers of embedded systems and IoT devices. The rapid proliferation of these technologies, combined with their increasing integration into critical infrastructure, has made… The post The Cyber Resilience Act: How Manufacturers Can Meet…

Read more →

As more aspects of daily life move online—including financial transactions, government services like mobile driver’s licenses, and digital travel authentication—the weaknesses of traditional remote identity verification methods, such as passwords,… The post Passwords Are Out, Biometrics Are In appeared first…

Read more →

As we navigate the 2024 election year, safeguarding the integrity of our democratic process is more critical than ever. While much attention has been focused on securing ballot machines, the… The post Securing Election Integrity In 2024: Navigating the Complex…

Read more →

Quick link: Learn more about how HoundDog.ai is transforming AppSec and data security at HoundDog.ai. In 2023, 92% of data breaches involved Personally Identifiable Information (PII)—a staggering and growing trend… The post Start PII Leak Detection and Data Flow Mapping…

Read more →

Managing sensitive security investigations has become more complex and challenging in today’s increasingly prevalent remote work environment. As a result, ensuring that these investigations are conducted effectively and securely requires… The post Managing Sensitive Security Investigations in Remote Settings appeared…

Read more →

With the advent of Zero Trust architecture, where the principle of “never trust, always verify” prevails, the importance of comprehensive access control has never been more pronounced. As cyber threats… The post Is Unified Access Control Zero Trust’s Silver Bullet?…

Read more →

Ever found yourself locked out of an account at the worst possibility? While rushing to meet a deadline or accessing something critical—because you didn’t remember the password? Or maybe you… The post Beyond Passwords: Transforming Access Security with Passwordless IAM…

Read more →

Critical national infrastructure (CNI) is at risk in countries across the globe. When attackers target CNI systems—which include power plants, emergency services, hospitals, and transportation—it can cause life-threatening disruptions. We’ve… The post 7 Steps International Organizations Must Take to Defend…

Read more →

According to this recent report by McKinsey, 87% of consumers say they won’t do business with your company if they have concerns about your security practices. So if you’re serious about protecting… The post HTTP 1.1 Vs. HTTP 2: What Are the…

Read more →

For years, cyber deception has been an excellent tool against would-be cybercriminals. However, the cybersecurity landscape is constantly evolving — and many conventional techniques are no longer as effective. Is… The post How to Use AI in Cyber Deception appeared…

Read more →

Everyone has noticed that we have entered the AI era. AI is everywhere: to improve customer experience, reduce costs, generate stunning and surreal images. The size of the Artificial Intelligence… The post How To Privacy-Proof the Coming AI Wave appeared…

Read more →

Imagine you worked for years on building your cyber defense. You built all the systems you need, all the policies are in place, and you are humming along. When the… The post How To Fight Scattered Spider Impersonating Calls to…

Read more →

The threat cybercriminals pose to federal information systems and networks is real and pervasive. Defending against unauthorized intrusions is a full-time effort for federal agencies and the contractors that support… The post How Government Agencies Can Level the Cybersecurity Playing…

Read more →

Buzz about big data permeated tech conversations in the mid-1990s, but people today don’t talk as much about big data anymore. It’s not that data isn’t big. Data is bigger… The post Growing Enterprise Data is Creating Big Cybersecurity Risk…

Read more →

Voice phishing, also known as vishing, represents a growing threat to organizations worldwide. Keepnet’s 2024 Vishing Response Report illuminates the alarming statistic that 70% of companies are prone to voice… The post Exploring the Vishing Threat Landscape appeared first on…

Read more →

Cybersecurity: how to involve people in risk mitigation Cefriel presented the white paper “Cyber Security and the Human Element”, an in-depth look at how to analyze and understand the connections… The post Cybersecurity: How to Involve People in Risk Mitigation…

Read more →

Modern unmanned technologies are experiencing rapid growth, encompassing both civilian and military applications. Autonomous vehicles, delivery drones, and unmanned aerial vehicles for rescue and firefighting services have become an integral… The post SWARM: Pioneering The Future of Autonomous Drone Operations…

Read more →

Short description The advancement of cybersecurity is propelled by adapting to new technologies and rising threats. From quantum cryptography to Zero Trust models and pioneering innovations from industry leaders, the… The post The Advent of Quantum Cryptography and Zero Trust:…

Read more →

San Francisco, CA – January 14, 2025 – RSA Conference™, the world’s leading information security conferences and expositions, today announced that submissions for the 20th annual RSAC Innovation Sandbox and fifth annual… The post RSA Conference: 20th annual RSAC Innovation Sandbox and…

Read more →

Imagine being bombarded by a relentless barrage of alarms, each one clamouring for immediate attention. This is the daily reality for cyber security teams, overwhelmed by alerts from countless sources,… The post Exposure Management: A Strategic Approach to Cyber Security…

Read more →

Bridging the Gap Between Cyber Innovation and Regulated Markets Addressing the Challenge of Innovation Access in Regulated Markets In an era where the need for technological innovation is more critical… The post Publisher’s Spotlight: Merlin Group appeared first on Cyber…

Read more →

In August 2024, the FBI issued a notice that an Iranian backed team was attempting to hack American political parties’ campaign information. (Miller & Balsamo, 2024). In that same month,… The post Air Gap appeared first on Cyber Defense Magazine.…

Read more →

Threat actors are continuously enhancing their techniques and increasing sophistication to evade cyber defenses. Consequently, multi-stage ransomware and malware attacks, characterized by heavy obfuscation are becoming increasingly prevalent. The Europol Threat… The post Protecting Your Organization Against Advanced, Multi-Stage Cyber Attacks…

Read more →

Becoming successful in this digital age means your business operations, decision-making, and customer relationships are primarily powered by your data. Unfortunately, the quality of your data diminishes as time passes…. The post Data Decay and Cybersecurity: Understanding The Risks And…

Read more →

In cybersecurity like in the emergency room, every moment is critical. Much like an emergency room, where nurses must quickly assess and prioritize patients based on the severity of their… The post The Cyber Defense Emergency Room appeared first on…

Read more →

In 2024, phishing remains one of the most prevalent and dangerous cybersecurity threats. Despite advancements in technology and increased awareness, cybercriminals continue to exploit human vulnerabilities, adapting their tactics to… The post Phishing in 2024: Navigating the Persistent Threat and…

Read more →

In today’s digital landscape, the increasing reliance on Application Programming Interfaces (APIs) brings significant security challenges that organizations must address. The Salt Labs State of API Security Report, 2024, reveals that… The post Elevating Security: The Crucial Role of Effective API…

Read more →

The surge in cyberattacks and the emerging role of Generative AI The importance of cyber security tools in protecting sensitive information, sustaining organization’s resilience and enabling business continuity during hostile… The post Guardians Of the Grid appeared first on Cyber…

Read more →

The Common Vulnerability Scoring System (CVSS) offers a standardized framework for characterizing and scoring vulnerabilities, helping the effort for vulnerability risk assessment. The release of CVSS 4.0 in November 2023 marked a… The post Exploring CVSS 4.0’s Impact on Vulnerability and Threat…

Read more →

Imagine walking into a board meeting with a tool that shows your board exactly how protected the organization is, based on the investment they have allowed you to make. Or,… The post Four Steps Security Teams Can Take to Unlock…

Read more →

In today’s hyper-connected world, supply chains are the lifeblood of industries, spanning across continents and involving numerous third-party vendors. While this interconnectedness brings unparalleled efficiency and opportunities for growth, it… The post Fortifying The Links appeared first on Cyber Defense…

Read more →

In February, the top artificial intelligence (AI) official at the Department of Defense (DoD) laid out his vision for AI-enabled warfare. “Imagine a world where combatant commanders can see everything they… The post The Key to AI-Enabled Multi-Coalition Warfare appeared first…

Read more →

In the ever-expanding digital landscape, cybersecurity remains a critical concern for individuals, businesses, and governments alike. As technology advances, so do the tactics of cybercriminals. One of the most significant… The post The Role of AI in Evolving Cybersecurity Attacks…

Read more →

“Shift-left” is a familiar concept to CISOs and security practitioners across the globe. A term coined to promote the integration of security practices earlier in the software development lifecycle (SDLC)… The post The Fundamental Components to Achieving Shift-Left Success appeared…

Read more →

In a shocking breach of customer privacy, AT&T said in April 2024 that almost all of the data of its cell customers had been stolen. Records of most of AT&T’s… The post AT&T Breach 2024: Customer Data Exposed in Massive…

Read more →

In the ever-evolving landscape of digital security, maintaining trust is paramount. When a Certification Authority (CA) is no longer trusted by browsers like Google, as was demonstrated on June 27th, it… The post How To Navigate Certification Authority Distrust: Preventing Critical…

Read more →

Highly advanced and extremely dangerous cyberattacks are targeting SAP (from the company originally called “System Analysis Program” Development) software supply chains with an alarming increase in frequency. By taking advantage… The post Protect SAP Supply Chains by Preventing Cyber Attacks…

Read more →

In an era defined by continuous media announcements of organizations that have suffered both government and private data breaches and thefts, the security of this invaluable asset has never been… The post The Traditional Advocates of the Security Perimeter Don’t…

Read more →

Since 2010, Puppet’s annual State of DevOps Report has tracked trends in IT, including security and, more recently, the growth of platform engineering. 2024’s edition, which includes the results of a survey… The post Is Platform Engineering a Step Towards Better Governed…

Read more →

Russia’s reputation for suppressing internet freedom and free expression is well documented. VPNs have long had a contentious relationship with the Russian state, and in recent years they have been… The post Russia, Apple, And the New Front Line in…

Read more →

Privileged accounts are highly coveted targets for malicious attackers due to the extensive access they provide. According to the 2024 Verizon Data Breach Investigation Report, nearly 40% of data breaches… The post Best Practices for Effective Privileged Access Management (PAM)…

Read more →

In the dynamic landscape of Operational Technology (OT), robust cybersecurity measures are paramount. As the digital transformation accelerates, protecting critical infrastructure becomes more challenging. Fortunately, three key standards—NIS2, CRA, and… The post Securing the OT Stage: NIS2, CRA, and IEC62443…

Read more →

A central principle in many data protection laws around the globe is data minimization. But we are currently facing a serious issue: we don’t have legal clarity on what exactly… The post The Urgent Need for Data Minimization Standards appeared…

Read more →

The specter of security vulnerabilities is a constant concern in today’s digital landscape. They’re the hidden pitfalls that can undermine even the most meticulously crafted code. But what if you… The post Four Ways to Harden Your Code Against Security…

Read more →

Today, it’s rare for a month to pass without reports of new distributed denial-of-service (DDoS) attacks. Lately, geopolitical instability and hacktivist groups (e.g., Anonymous Sudan and NoName057(16)) have driven attacks, and these types of attacks… The post Is There a DDoS Attack Ceiling? appeared first…

Read more →

Today’s cloud security categories don’t do practitioners any favors when it comes to identifying the key requirements for detection and response in the cloud. This is because various detection and… The post Ditch The Cloud Security Labels to Nail Detection…

Read more →

In an era where we are completely reliant on digital connectivity, the security of our critical infrastructure is paramount. CISA defines 16 sectors of US critical infrastructure; each unique and yet… The post Cybersecurity At the Crossroads: The Role Of Private…

Read more →

by Dan K. Anderson CEO, CISO, and vCISO As cyber threats grow more sophisticated and frequent, organizations face immense pressure to simplify their security stacks and improve operational efficiency. According… The post Innovator Spotlight: Fortra appeared first on Cyber Defense…

Read more →

Highly advanced and extremely dangerous cyberattacks are targeting SAP (from the company originally called “System Analysis Program” Development) software supply chains with an alarming increase in frequency. By taking advantage… The post Protect SAP Supply Chains by Preventing Cyber Attacks…

Read more →

Data breaches impacted more than 1 billion users in the first half of 2024, up 409% from this time last year, emphasizing the importance of maintaining stealth cyber hygiene. The truth is, as… The post Breaking Up with Your Password: Why It’s Time…

Read more →

Brands are increasingly seen to be employing familiar and expensive faces to ambassador ad campaigns and new products. However, with an estimated 26% of ad spend lost to ad fraud, businesses are… The post Big Faces, Big Spend, Low ROI: Why Ad…

Read more →

In the ever-evolving landscape of cryptography, traditional encryption methods safeguarding data at rest and in transit remain foundational to cybersecurity strategies. However, the security of decrypted data actively used within… The post Beyond Encryption: Advancing Data-in-Use Protection appeared first on…

Read more →

Maintaining a resilient, secure, and efficient network infrastructure is more important than ever. Network monitoring systems, which encompass both hardware and software tools, play a pivotal role in achieving this… The post Benefits of Network Monitoring Systems appeared first on…

Read more →

Mission-Critical Iot Systems: Cybersecurity Principles In creating an effective cybersecurity strategy for IoT systems, software architects examine obstacles that limit the security options for their target systems. To deliver a… The post Autonomous, Deterministic Security for Mission-Critical IOT Systems appeared…

Read more →

The ongoing prevalence (and rise) of software supply chain attacks is enough to keep any software developer or security analyst up at night. The recent XZ backdoor attack is finally… The post The Unsolvable Problem: XZ and Modern Infrastructure appeared…

Read more →

The move to cloud is not slowing down – spending by Federal civilian agencies on cloud computing could reach $8.3 billion in Fiscal Year (FY) 2025. But despite years of guidance (from… The post A Cloud Reality Check for Federal Agencies appeared…

Read more →

As Generative AI becomes more deeply integrated into our digital landscape, organizations face a growing need to manage application, technology, and cybersecurity risks effectively. The rapid evolution of AI technology… The post A CISO’s Guide to Managing Risk as the…

Read more →

Cyber Defense Magazine Thought Leadership Interview with Nitesh Sinha, Founder and CEO of Sacumen and Praneeth Kudithipudi EVP Sales of Sacumen By Yan Ross, CDM Editor-in-Chief Editor’s Note: Cyber Defense… The post Sacumen Advances to the Front Line of Thought…

Read more →

In the rapidly evolving digital landscape, cybersecurity has emerged as a critical concern, particularly for the manufacturing sector. Recent data highlights a staggering 165% surge in cyber-attack attempts on manufacturing facilities, a… The post Why Manufacturing IT Leaders are Turning to AI-Powered…

Read more →

In an era where digital transformation is reshaping healthcare, dental practices find themselves caught in a perfect storm of cybersecurity vulnerabilities. As ransomware attacks surge across the healthcare sector, dental… The post BYTE BY BYTE appeared first on Cyber Defense…

Read more →

Transactions involving U.S. targets and acquirers continue to represent a substantial percentage of overall deal volume, with U.S. M&A exceeding $1.26 trillion in 2023, according to research from the Harvard Law… The post Steps To Protect Against Cybersecurity Threats During Mergers…

Read more →

by Gary S. Miliefsky, CISSP, fmDHS Ho-ho-hold on to your data! 🎅 The holiday season is here, bringing cheer, gifts, and…cybercriminals?! That’s right! While you’re decking the halls, hackers are… The post Halting Hackers on the Holidays: Protecting Yourself from…

Read more →

The world’s first artificial intelligence law, the EU AI Act, finally came into effect on 1 Aug 2024, 4 years after it was initially proposed by the European Commission. After… The post Preparing for EU AI Act from a Security…

Read more →

Introduction In today’s fast-paced digital world, organizations face a myriad of cybersecurity challenges that demand expert guidance and strategic oversight. Enter the Virtual Chief Information Security Officer (vCISO), a role… The post The Initial Engagement Process for Contracting with a…

Read more →

There are two main reasons why supply chain attacks are on the increase. First, there is a general trend of companies outsourcing more critical business functions to external providers, and… The post Shifting The Focus: From Compliance to Secops In…

Read more →