Website, Know Thyself: What Code Are You Serving?
Code-injection via third- and fourth-party scripts — as seen with Magecart — is a growing security problem for websites.
Plugging the Data Leak in Manufacturing
IIoT-generated data – calibrations, measurements and other parameters – still need to be stored, managed and shared securely.
Art Imitates Life: Lessons from the Final Season of Mr. Robot
Unlike Elliot, real-world adversaries don’t have lofty ideals nor do they suffer crises of conscience.
How to Secure Critical Infrastructure When Patching Isn’t Possible
Mission-critical systems can’t just be switched off to apply security updates — so patching can take weeks if not years.
Microsegmentation and Isolation: 2 Essential Strategies in Zero-Trust Security
Tactics for when authorized users need to connect to network resources, or need to venture out to the web to complete important tasks.
10 Steps for Ransomware Protection
Here are things you can do right now to shore up your defenses and help your recovery when you get hit.
Cyber-Risk Business Cases: Using Economic Impact to Justify TIG Investment
How to determine — and communicate — the value of Threat Intelligence Gateways (TIGs) in your enterprise.
Rethinking Responsibilities and Remedies in Social-Engineering Attacks
The idea that humans are the weakest link shouldn’t guide the thinking on social-engineering defense.
Insider Threats Are Rising – But They Shouldn’t Be
Simply implementing best practices is not enough to address the risk coming from your own employees.
Gamification Can Transform Company Cybersecurity Culture
Implementing game mechanics and competition into the mix can incentivize employees to improve their cybersecurity posture.
